admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:56:00 +00:00
parent 2242acfaa2
commit b919470d7c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 4456 additions and 4456 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
2006/0xxx/CVE-2006-0398.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0398", "ID": "CVE-2006-0398",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2006-03-13", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2006/Mar/msg00001.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. NOTE: due to the lack of specific information in the vendor advisory, it is not clear how CVE-2006-0397, CVE-2006-0398, and CVE-2006-0399 are different."
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=303453", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.info.apple.com/article.html?artnum=303453" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0949", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0949" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23870", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/23870" ]
}, },
{ "references": {
"name" : "1015760", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015760" "name": "ADV-2006-0949",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0949"
"name" : "19129", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19129" "name": "1015760",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015760"
"name" : "macosx-safefiletype-command-execution(25269)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25269" "name": "19129",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19129"
} },
} {
"name": "APPLE-SA-2006-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Mar/msg00001.html"
},
{
"name": "macosx-safefiletype-command-execution(25269)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25269"
},
{
"name": "23870",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/23870"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=303453",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=303453"
}
]
}
}

160
2006/0xxx/CVE-2006-0702.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0702", "ID": "CVE-2006-0702",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to directory traversal."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060211 imageVue16.1 upload vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/424745/30/0/threaded" "lang": "eng",
}, "value": "admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to directory traversal."
{ }
"name" : "16594", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/16594" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-0570", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0570" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18802", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/18802" ]
}, },
{ "references": {
"name" : "imagevue-upload-file-upload(24633)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24633" "name": "ADV-2006-0570",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/0570"
} },
} {
"name": "imagevue-upload-file-upload(24633)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24633"
},
{
"name": "20060211 imageVue16.1 upload vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424745/30/0/threaded"
},
{
"name": "18802",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18802"
},
{
"name": "16594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16594"
}
]
}
}

180
2006/0xxx/CVE-2006-0905.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secteam@freebsd.org",
"ID" : "CVE-2006-0905", "ID": "CVE-2006-0905",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A \"programming error\" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-06:11", "description_data": [
"refsource" : "FREEBSD", {
"url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc" "lang": "eng",
}, "value": "A \"programming error\" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and conduct replay attacks."
{ }
"name" : "NetBSD-SA2006-011", ]
"refsource" : "NETBSD", },
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17191", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17191" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24068", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24068" ]
}, },
{ "references": {
"name" : "1015809", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015809" "name": "24068",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24068"
"name" : "19366", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19366" "name": "1015809",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015809"
"name" : "bsd-ipsec-replay(25398)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25398" "name": "17191",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17191"
} },
} {
"name": "19366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19366"
},
{
"name": "NetBSD-SA2006-011",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-011.txt.asc"
},
{
"name": "FreeBSD-SA-06:11",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc"
},
{
"name": "bsd-ipsec-replay(25398)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25398"
}
]
}
}

200
2006/1xxx/CVE-2006-1066.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1066", "ID": "CVE-2006-1066",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[linux-kernel] 20060207 [PATCH] arch/x86_64/kernel/traps.c PTRACE_SINGLESTEP oops", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=linux-kernel&m=113932292516359&w=2" "lang": "eng",
}, "value": "Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call."
{ }
"name" : "DSA-1017", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2006/dsa-1017" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2006:151", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-281-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/281-1/" ]
}, },
{ "references": {
"name" : "17216", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17216" "name": "USN-281-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/281-1/"
"name" : "24098", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24098" "name": "MDKSA-2006:151",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:151"
"name" : "19374", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19374" "name": "21614",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21614"
"name" : "19955", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19955" "name": "19955",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19955"
"name" : "21614", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21614" "name": "17216",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17216"
} },
} {
"name": "24098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24098"
},
{
"name": "DSA-1017",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1017"
},
{
"name": "19374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19374"
},
{
"name": "[linux-kernel] 20060207 [PATCH] arch/x86_64/kernel/traps.c PTRACE_SINGLESTEP oops",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel&m=113932292516359&w=2"
}
]
}
}

280
2006/1xxx/CVE-2006-1260.json
View File

@ -1,142 +1,142 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1260", "ID": "CVE-2006-1260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060315 CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/427710/100/0/threaded" "lang": "eng",
}, "value": "Horde Application Framework 3.0.9 allows remote attackers to read arbitrary files via a null character in the url parameter in services/go.php, which bypasses a sanity check."
{ }
"name" : "20060315 CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043657.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1033", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1033" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1034", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2006/dsa-1034" ]
}, },
{ "references": {
"name" : "GLSA-200604-02", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-02.xml" "name": "590",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/590"
"name" : "SUSE-SR:2006:009", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_04_28.html" "name": "GLSA-200604-02",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-02.xml"
"name" : "17117", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17117" "name": "DSA-1034",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1034"
"name" : "ADV-2006-0959", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0959" "name": "19528",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19528"
"name" : "23918", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23918" "name": "17117",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17117"
"name" : "1015771", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015771" "name": "19246",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19246"
"name" : "19246", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19246" "name": "23918",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23918"
"name" : "19528", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19528" "name": "19692",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19692"
"name" : "19619", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19619" "name": "horde-servicesgo-information-disclosure(25239)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25239"
"name" : "19897", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19897" "name": "ADV-2006-0959",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0959"
"name" : "19692", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19692" "name": "19619",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19619"
"name" : "590", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/590" "name": "1015771",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015771"
"name" : "horde-servicesgo-information-disclosure(25239)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25239" "name": "DSA-1033",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2006/dsa-1033"
} },
} {
"name": "20060315 CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043657.html"
},
{
"name": "20060315 CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/427710/100/0/threaded"
},
{
"name": "19897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19897"
},
{
"name": "SUSE-SR:2006:009",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_04_28.html"
}
]
}
}

180
2006/1xxx/CVE-2006-1366.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1366", "ID": "CVE-2006-1366",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service (device shutdown), and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer (aka FTP) service on Bluetooth channel 9."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/428431/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service (device shutdown), and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer (aka FTP) service on Bluetooth channel 9."
{ }
"name" : "20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044287.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.digitalmunition.com/DMA[2006-0321a].txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.digitalmunition.com/DMA[2006-0321a].txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17185", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17185" ]
}, },
{ "references": {
"name" : "ADV-2006-1045", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1045" "name": "motorola-peblu6-v600-obex-bo(25401)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25401"
"name" : "19319", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19319" "name": "20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/428431/100/0/threaded"
"name" : "motorola-peblu6-v600-obex-bo(25401)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25401" "name": "19319",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19319"
} },
} {
"name": "17185",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17185"
},
{
"name": "http://www.digitalmunition.com/DMA[2006-0321a].txt",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/DMA[2006-0321a].txt"
},
{
"name": "ADV-2006-1045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1045"
},
{
"name": "20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/044287.html"
}
]
}
}

640
2006/1xxx/CVE-2006-1742.json
View File

@ -1,322 +1,322 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-1742", "ID": "CVE-2006-1742",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html" "lang": "eng",
}, "value": "The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remote attackers to trigger operations on freed memory and cause memory corruption."
{ }
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1044", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1044" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1046", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2006/dsa-1046" ]
}, },
{ "references": {
"name" : "DSA-1051", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1051" "name": "USN-275-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/275-1/"
"name" : "FEDORA-2006-410", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" "name": "oval:org.mitre.oval:def:11808",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808"
"name" : "FEDORA-2006-411", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" "name": "RHSA-2006:0330",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
"name" : "FLSA:189137-1", },
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/archive/1/436296/100/0/threaded" "name": "19902",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19902"
"name" : "FLSA:189137-2", },
"refsource" : "FEDORA", {
"url" : "http://www.securityfocus.com/archive/1/436338/100/0/threaded" "name": "oval:org.mitre.oval:def:1087",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087"
"name" : "GLSA-200604-12", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" "name": "20060404-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
"name" : "GLSA-200604-18", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-10.html"
"name" : "GLSA-200605-09", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" "name": "USN-276-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/276-1/"
"name" : "HPSBUX02122", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded" "name": "HPSBUX02122",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
"name" : "SSRT061158", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded" "name": "19941",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19941"
"name" : "MDKSA-2006:075", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" "name": "19780",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19780"
"name" : "MDKSA-2006:076", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" "name": "RHSA-2006:0328",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
"name" : "RHSA-2006:0328", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0328.html" "name": "GLSA-200604-12",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
"name" : "RHSA-2006:0329", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0329.html" "name": "21622",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21622"
"name" : "RHSA-2006:0330", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0330.html" "name": "19862",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19862"
"name" : "SCOSA-2006.26", },
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" "name": "MDKSA-2006:075",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
"name" : "20060404-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
"name" : "102550", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" "name": "19823",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19823"
"name" : "228526", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" "name": "DSA-1051",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1051"
"name" : "SUSE-SA:2006:022", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_04_25.html" "name": "FEDORA-2006-410",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
"name" : "SUSE-SA:2006:021", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" "name": "USN-271-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/271-1/"
"name" : "USN-275-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/275-1/" "name": "19714",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19714"
"name" : "USN-276-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/276-1/" "name": "RHSA-2006:0329",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
"name" : "USN-271-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/271-1/" "name": "GLSA-200604-18",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
"name" : "VU#492382", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/492382" "name": "19811",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19811"
"name" : "oval:org.mitre.oval:def:11808", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11808" "name": "19794",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19794"
"name" : "ADV-2006-1356", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1356" "name": "19746",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19746"
"name" : "oval:org.mitre.oval:def:1087", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1087" "name": "21033",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21033"
"name" : "19631", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19631" "name": "102550",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
"name" : "19759", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19759" "name": "19696",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19696"
"name" : "19794", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19794" "name": "19759",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19759"
"name" : "19811", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19811" "name": "SUSE-SA:2006:021",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
"name" : "19823", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19823" "name": "FLSA:189137-2",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
"name" : "19852", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19852" "name": "mozilla-garbage-memory-corruption(25807)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25807"
"name" : "19862", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19862" "name": "ADV-2006-1356",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1356"
"name" : "19863", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19863" "name": "SSRT061158",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
"name" : "19902", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19902" "name": "19729",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19729"
"name" : "19950", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19950" "name": "VU#492382",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/492382"
"name" : "19941", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19941" "name": "20051",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20051"
"name" : "19714", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19714" "name": "19863",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19863"
"name" : "19721", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19721" "name": "SCOSA-2006.26",
}, "refsource": "SCO",
{ "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
"name" : "19746", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19746" "name": "FLSA:189137-1",
}, "refsource": "FEDORA",
{ "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
"name" : "21033", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21033" "name": "228526",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
"name" : "21622", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21622" "name": "FEDORA-2006-411",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
"name" : "19696", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19696" "name": "19852",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19852"
"name" : "19729", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19729" "name": "19721",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19721"
"name" : "19780", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19780" "name": "SUSE-SA:2006:022",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
"name" : "20051", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20051" "name": "GLSA-200605-09",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
"name" : "mozilla-garbage-memory-corruption(25807)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25807" "name": "19631",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19631"
} },
} {
"name": "19950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19950"
},
{
"name": "MDKSA-2006:076",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
},
{
"name": "DSA-1046",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1046"
},
{
"name": "DSA-1044",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1044"
}
]
}
}

190
2006/1xxx/CVE-2006-1803.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1803", "ID": "CVE-2006-1803",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060412 phpMyAdmin 2.7.0-pl1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/430902/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in sql.php in phpMyAdmin 2.7.0-pl1 allows remote attackers to inject arbitrary web script or HTML via the sql_query parameter."
{ }
"name" : "20060414 Re: phpMyAdmin 2.7.0-pl1", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/431013/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SR:2006:009", "description": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_04_28.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17487", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17487" ]
}, },
{ "references": {
"name" : "ADV-2006-1372", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1372" "name": "ADV-2006-1372",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1372"
"name" : "19659", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19659" "name": "19659",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19659"
"name" : "19897", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19897" "name": "20060412 phpMyAdmin 2.7.0-pl1",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/430902/100/0/threaded"
"name" : "phpmyadmin-sql-xss(25796)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25796" "name": "phpmyadmin-sql-xss(25796)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25796"
} },
} {
"name": "20060414 Re: phpMyAdmin 2.7.0-pl1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431013/100/0/threaded"
},
{
"name": "19897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19897"
},
{
"name": "SUSE-SR:2006:009",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_04_28.html"
},
{
"name": "17487",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17487"
}
]
}
}

180
2006/1xxx/CVE-2006-1944.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1944", "ID": "CVE-2006-1944",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2006/04/communimail-xss-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2006/04/communimail-xss-vuln.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in SibSoft CommuniMail 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the list_id parameter in mailadmin.cgi and (2) the form_id parameter in templates.cgi."
{ }
"name" : "17602", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17602" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1407", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1407" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24735", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/24735" ]
}, },
{ "references": {
"name" : "24736", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24736" "name": "17602",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17602"
"name" : "19667", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19667" "name": "http://pridels0.blogspot.com/2006/04/communimail-xss-vuln.html",
}, "refsource": "MISC",
{ "url": "http://pridels0.blogspot.com/2006/04/communimail-xss-vuln.html"
"name" : "communimail-multiple-xss(25931)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25931" "name": "communimail-multiple-xss(25931)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25931"
} },
} {
"name": "19667",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19667"
},
{
"name": "ADV-2006-1407",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1407"
},
{
"name": "24735",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24735"
},
{
"name": "24736",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24736"
}
]
}
}

190
2006/5xxx/CVE-2006-5153.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5153", "ID": "CVE-2006-5153",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447504/100/0/threaded" "lang": "eng",
}, "value": "The (1) fwdrv.sys and (2) khips.sys drivers in Sunbelt Kerio Personal Firewall 4.3.268 and earlier do not validate arguments passed through to SSDT functions, including NtCreateFile, NtDeleteFile, NtLoadDriver, NtMapViewOfSection, NtOpenFile, and NtSetInformationFile, which allows local users to cause a denial of service (crash) and possibly other impacts via unspecified vectors."
{ }
"name" : "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php", ]
"refsource" : "MISC", },
"url" : "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20299", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20299" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3872", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3872" ]
}, },
{ "references": {
"name" : "1016967", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016967" "name": "20061001 Kerio Multiple insufficient argument validation of hooked SSDT function Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447504/100/0/threaded"
"name" : "22234", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22234" "name": "1685",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1685"
"name" : "1685", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1685" "name": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
}, "refsource": "MISC",
{ "url": "http://www.matousec.com/info/advisories/Kerio-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
"name" : "kerio-drivers-dos(29313)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313" "name": "22234",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/22234"
} },
} {
"name": "20299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20299"
},
{
"name": "kerio-drivers-dos(29313)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29313"
},
{
"name": "1016967",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016967"
},
{
"name": "ADV-2006-3872",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3872"
}
]
}
}

170
2006/5xxx/CVE-2006-5547.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5547", "ID": "CVE-2006-5547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System (OTSCMS) 1.0.0 through 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][otscms][directories][includes] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2622", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2622" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System (OTSCMS) 1.0.0 through 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][otscms][directories][includes] parameter."
{ }
"name" : "20694", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20694" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4180", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4180" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22577", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22577" ]
}, },
{ "references": {
"name" : "otscms-otscms-file-include(29719)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29719" "name": "otscms-otscms-file-include(29719)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29719"
"name" : "20061025 CONFIRM: OTSCMS file inclusions - PHP5 __autoload", },
"refsource" : "VIM", {
"url" : "http://attrition.org/pipermail/vim/2006-October/001096.html" "name": "20694",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/20694"
} },
} {
"name": "20061025 CONFIRM: OTSCMS file inclusions - PHP5 __autoload",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2006-October/001096.html"
},
{
"name": "22577",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22577"
},
{
"name": "2622",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2622"
},
{
"name": "ADV-2006-4180",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4180"
}
]
}
}

150
2007/2xxx/CVE-2007-2614.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2614", "ID": "CVE-2007-2614",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in examples/widget8.php in phpHtmlLib 2.4.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070507 PHPHtmlLib <= 2.4.0 Remote File Include Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/467837/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in examples/widget8.php in phpHtmlLib 2.4.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phphtmllib parameter."
{ }
"name" : "36168", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/36168" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2690", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2690" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phphtmllib-widget8-file-include(34166)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34166" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20070507 PHPHtmlLib <= 2.4.0 Remote File Include Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467837/100/0/threaded"
},
{
"name": "2690",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2690"
},
{
"name": "phphtmllib-widget8-file-include(34166)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34166"
},
{
"name": "36168",
"refsource": "OSVDB",
"url": "http://osvdb.org/36168"
}
]
}
}

230
2010/0xxx/CVE-2010-0639.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0639", "ID": "CVE-2010-0639",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.squid-cache.org/show_bug.cgi?id=2858", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.squid-cache.org/show_bug.cgi?id=2858" "lang": "eng",
}, "value": "The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets to the HTCP port."
{ }
"name" : "http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch", ]
"refsource" : "MISC", },
"url" : "http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.squid-cache.org/Versions/v3/3.0/changesets/3.0-ADV-2010_2.patch", "description": [
"refsource" : "MISC", {
"url" : "http://www.squid-cache.org/Versions/v3/3.0/changesets/3.0-ADV-2010_2.patch" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.squid-cache.org/Advisories/SQUID-2010_2.txt", ]
"refsource" : "CONFIRM", }
"url" : "http://www.squid-cache.org/Advisories/SQUID-2010_2.txt" ]
}, },
{ "references": {
"name" : "FEDORA-2010-2434", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037159.html" "name": "FEDORA-2010-2434",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037159.html"
"name" : "FEDORA-2010-3064", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035961.html" "name": "62297",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/62297"
"name" : "38212", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38212" "name": "http://www.squid-cache.org/Advisories/SQUID-2010_2.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.squid-cache.org/Advisories/SQUID-2010_2.txt"
"name" : "62297", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/62297" "name": "ADV-2010-0371",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0371"
"name" : "1023587", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1023587" "name": "FEDORA-2010-3064",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035961.html"
"name" : "38812", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38812" "name": "ADV-2010-0603",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/0603"
"name" : "ADV-2010-0371", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0371" "name": "38812",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38812"
"name" : "ADV-2010-0603", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0603" "name": "http://www.squid-cache.org/Versions/v3/3.0/changesets/3.0-ADV-2010_2.patch",
} "refsource": "MISC",
] "url": "http://www.squid-cache.org/Versions/v3/3.0/changesets/3.0-ADV-2010_2.patch"
} },
} {
"name": "http://bugs.squid-cache.org/show_bug.cgi?id=2858",
"refsource": "MISC",
"url": "http://bugs.squid-cache.org/show_bug.cgi?id=2858"
},
{
"name": "38212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38212"
},
{
"name": "1023587",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023587"
},
{
"name": "http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch",
"refsource": "MISC",
"url": "http://www.squid-cache.org/Versions/v2/2.7/changesets/12600.patch"
}
]
}
}

160
2010/0xxx/CVE-2010-0810.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0810", "ID": "CVE-2010-0810",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka \"Windows Kernel Exception Handler Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-021", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-021" "lang": "eng",
}, "value": "The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does not properly handle unspecified exceptions, which allows local users to cause a denial of service (reboot) via a crafted application, aka \"Windows Kernel Exception Handler Vulnerability.\""
{ }
"name" : "TA10-103A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:7012", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7012" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1023850", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1023850" ]
}, },
{ "references": {
"name" : "39373", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39373" "name": "oval:org.mitre.oval:def:7012",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7012"
} },
} {
"name": "MS10-021",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-021"
},
{
"name": "TA10-103A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103A.html"
},
{
"name": "39373",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39373"
},
{
"name": "1023850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023850"
}
]
}
}

150
2010/0xxx/CVE-2010-0994.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2010-0994", "ID": "CVE-2010-0994",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the (1) vl::loadDAT and (2) vl::isDAT functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100414 Secunia Research: Visualization Library DAT File Parsing Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/510710/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the (1) vl::loadDAT and (2) vl::isDAT functions."
{ }
"name" : "http://secunia.com/secunia_research/2010-02/", ]
"refsource" : "MISC", },
"url" : "http://secunia.com/secunia_research/2010-02/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39471", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/39471" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38162", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/38162" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20100414 Secunia Research: Visualization Library DAT File Parsing Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510710/100/0/threaded"
},
{
"name": "38162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38162"
},
{
"name": "39471",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39471"
},
{
"name": "http://secunia.com/secunia_research/2010-02/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2010-02/"
}
]
}
}

270
2010/1xxx/CVE-2010-1173.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-1173", "ID": "CVE-2010-1173",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/516397/100/0/threaded" "lang": "eng",
}, "value": "The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data."
{ }
"name" : "[netdev] 20100428 Re: [PATCH]: sctp: Fix skb_over_panic resulting from multiple invalid parameter errors (CVE-2010-1173) (v4)", ]
"refsource" : "MLIST", },
"url" : "http://article.gmane.org/gmane.linux.network/159531" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20100429 CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/04/29/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20100429 Re: CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors", ]
"refsource" : "MLIST", }
"url" : "http://www.openwall.com/lists/oss-security/2010/04/29/6" ]
}, },
{ "references": {
"name" : "[oss-security] 20100429 Re: CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors", "reference_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=oss-security&m=127251068407878&w=2" "name": "[oss-security] 20100429 CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/04/29/1"
"name" : "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=5fa782c2f5ef6c2e4f04d3e228412c9b4a4c8809", },
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=5fa782c2f5ef6c2e4f04d3e228412c9b4a4c8809" "name": "MDVSA-2010:198",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
"name" : "http://kbase.redhat.com/faq/docs/DOC-31052", },
"refsource" : "CONFIRM", {
"url" : "http://kbase.redhat.com/faq/docs/DOC-31052" "name": "[netdev] 20100428 Re: [PATCH]: sctp: Fix skb_over_panic resulting from multiple invalid parameter errors (CVE-2010-1173) (v4)",
}, "refsource": "MLIST",
{ "url": "http://article.gmane.org/gmane.linux.network/159531"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=584645", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=584645" "name": "[oss-security] 20100429 Re: CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/04/29/6"
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" "name": "RHSA-2010:0474",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0474.html"
"name" : "DSA-2053", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2053" "name": "43315",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43315"
"name" : "MDVSA-2010:198", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198" "name": "http://kbase.redhat.com/faq/docs/DOC-31052",
}, "refsource": "CONFIRM",
{ "url": "http://kbase.redhat.com/faq/docs/DOC-31052"
"name" : "RHSA-2010:0474", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0474.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=584645",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=584645"
"name" : "oval:org.mitre.oval:def:11416", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11416" "name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=5fa782c2f5ef6c2e4f04d3e228412c9b4a4c8809",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=5fa782c2f5ef6c2e4f04d3e228412c9b4a4c8809"
"name" : "39830", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39830" "name": "40218",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40218"
"name" : "40218", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40218" "name": "oval:org.mitre.oval:def:11416",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11416"
"name" : "43315", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43315" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
} "refsource": "CONFIRM",
] "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
} },
} {
"name": "DSA-2053",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2053"
},
{
"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
},
{
"name": "39830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39830"
},
{
"name": "[oss-security] 20100429 Re: CVE-2010-1173 kernel: skb_over_panic resulting from multiple invalid parameter errors",
"refsource": "MLIST",
"url": "http://marc.info/?l=oss-security&m=127251068407878&w=2"
}
]
}
}

34
2010/1xxx/CVE-2010-1456.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-1456", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2010-1456",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1455. Reason: This candidate is a duplicate of CVE-2010-1455. Notes: All CVE users should reference CVE-2010-1455 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1455. Reason: This candidate is a duplicate of CVE-2010-1455. Notes: All CVE users should reference CVE-2010-1455 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

34
2010/3xxx/CVE-2010-3068.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-3068", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2010-3068",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2938. Reason: This candidate is a reservation duplicate of CVE-2010-2938. Notes: All CVE users should reference CVE-2010-2938 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2938. Reason: This candidate is a reservation duplicate of CVE-2010-2938. Notes: All CVE users should reference CVE-2010-2938 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

140
2010/3xxx/CVE-2010-3150.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3150", "ID": "CVE-2010-3150",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (314 (MC: 160820)) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as a .pproj, .prfpset, .prexport, .prm, .prmp, .prpreset, .prproj, .prsl, .prtl, or .vpr file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100825 Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/513336/100/0/threaded" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (314 (MC: 160820)) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as a .pproj, .prfpset, .prexport, .prm, .prmp, .prpreset, .prproj, .prsl, .prtl, or .vpr file."
{ }
"name" : "14771", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/14771/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2010-2209", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2209" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "14771",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14771/"
},
{
"name": "ADV-2010-2209",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2209"
},
{
"name": "20100825 Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513336/100/0/threaded"
}
]
}
}

350
2010/3xxx/CVE-2010-3636.json
View File

@ -1,177 +1,177 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2010-3636", "ID": "CVE-2010-3636",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html" "lang": "eng",
}, "value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors."
{ }
"name" : "http://support.apple.com/kb/HT4435", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT4435" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1", "description": [
"refsource" : "CONFIRM", {
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2010-11-10-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" ]
}, },
{ "references": {
"name" : "GLSA-201101-09", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml" "name": "ADV-2011-0192",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0192"
"name" : "HPSBMA02663", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2" "name": "42183",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42183"
"name" : "SSRT100428", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2" "name": "http://support.apple.com/kb/HT4435",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4435"
"name" : "RHSA-2010:0829", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0829.html" "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
}, "refsource": "CONFIRM",
{ "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
"name" : "RHSA-2010:0834", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0834.html" "name": "43026",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43026"
"name" : "RHSA-2010:0867", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0867.html" "name": "GLSA-201101-09",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
"name" : "SUSE-SA:2010:055", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html" "name": "ADV-2010-2918",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2918"
"name" : "JVN#48425028", },
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN48425028/index.html" "name": "44691",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/44691"
"name" : "JVNDB-2010-000054", },
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000054.html" "name": "APPLE-SA-2010-11-10-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"name" : "44691", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/44691" "name": "JVNDB-2010-000054",
}, "refsource": "JVNDB",
{ "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000054.html"
"name" : "oval:org.mitre.oval:def:12142", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12142" "name": "RHSA-2010:0834",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
"name" : "oval:org.mitre.oval:def:15913", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15913" "name": "SUSE-SA:2010:055",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
"name" : "42183", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42183" "name": "42926",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42926"
"name" : "42926", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42926" "name": "SSRT100428",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
"name" : "43026", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43026" "name": "ADV-2010-2903",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2903"
"name" : "ADV-2010-2903", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2903" "name": "HPSBMA02663",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
"name" : "ADV-2010-2906", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2906" "name": "ADV-2011-0173",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0173"
"name" : "ADV-2010-2918", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2918" "name": "JVN#48425028",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/en/jp/JVN48425028/index.html"
"name" : "ADV-2011-0173", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0173" "name": "oval:org.mitre.oval:def:15913",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15913"
"name" : "ADV-2011-0192", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0192" "name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
} "refsource": "CONFIRM",
] "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
} },
} {
"name": "oval:org.mitre.oval:def:12142",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12142"
},
{
"name": "ADV-2010-2906",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2906"
},
{
"name": "RHSA-2010:0867",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
},
{
"name": "RHSA-2010:0829",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
}
]
}
}

310
2010/4xxx/CVE-2010-4242.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4242", "ID": "CVE-2010-4242",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/520102/100/0/threaded" "lang": "eng",
}, "value": "The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver."
{ }
"name" : "[linux-kernel] 20101007 Peculiar stuff in hci_ath3k/badness in hci_uart", ]
"refsource" : "MLIST", },
"url" : "https://lkml.org/lkml/2010/10/7/255" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://xorl.wordpress.com/2010/12/01/cve-2010-4242-linux-kernel-bluetooth-hci-uart-invalid-pointer-access/", "description": [
"refsource" : "MISC", {
"url" : "http://xorl.wordpress.com/2010/12/01/cve-2010-4242-linux-kernel-bluetooth-hci-uart-invalid-pointer-access/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.kernel.org/linus/c19483cc5e56ac5e22dd19cf25ba210ab1537773", ]
"refsource" : "CONFIRM", }
"url" : "http://git.kernel.org/linus/c19483cc5e56ac5e22dd19cf25ba210ab1537773" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=641410", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=641410" "name": "42789",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42789"
"name" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" "name": "http://git.kernel.org/linus/c19483cc5e56ac5e22dd19cf25ba210ab1537773",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/linus/c19483cc5e56ac5e22dd19cf25ba210ab1537773"
"name" : "RHSA-2011:0004", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0004.html" "name": "ADV-2011-0024",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0024"
"name" : "RHSA-2011:0162", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0162.html" "name": "RHSA-2011:0004",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0004.html"
"name" : "RHSA-2011:0007", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0007.html" "name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"name" : "SUSE-SA:2011:008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" "name": "46397",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46397"
"name" : "45014", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45014" "name": "kernel-hciuartttyopen-dos(64617)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64617"
"name" : "42789", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42789" "name": "RHSA-2011:0007",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0007.html"
"name" : "42963", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42963" "name": "45014",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/45014"
"name" : "42890", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42890" "name": "42963",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42963"
"name" : "43291", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43291" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=641410",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=641410"
"name" : "46397", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46397" "name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"name" : "ADV-2011-0024", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0024" "name": "ADV-2011-0375",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0375"
"name" : "ADV-2011-0168", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0168" "name": "42890",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42890"
"name" : "ADV-2011-0375", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0375" "name": "RHSA-2011:0162",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0162.html"
"name" : "kernel-hciuartttyopen-dos(64617)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64617" "name": "[linux-kernel] 20101007 Peculiar stuff in hci_ath3k/badness in hci_uart",
} "refsource": "MLIST",
] "url": "https://lkml.org/lkml/2010/10/7/255"
} },
} {
"name": "SUSE-SA:2011:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"
},
{
"name": "ADV-2011-0168",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0168"
},
{
"name": "http://xorl.wordpress.com/2010/12/01/cve-2010-4242-linux-kernel-bluetooth-hci-uart-invalid-pointer-access/",
"refsource": "MISC",
"url": "http://xorl.wordpress.com/2010/12/01/cve-2010-4242-linux-kernel-bluetooth-hci-uart-invalid-pointer-access/"
},
{
"name": "43291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43291"
}
]
}
}

150
2010/4xxx/CVE-2010-4275.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4275", "ID": "CVE-2010-4275",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15766", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/15766" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php."
{ }
"name" : "45481", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/45481" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42364", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42364" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "radiusmanager-admin-xss(64199)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64199" ]
} },
] "references": {
} "reference_data": [
} {
"name": "radiusmanager-admin-xss(64199)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64199"
},
{
"name": "15766",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15766"
},
{
"name": "45481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45481"
},
{
"name": "42364",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42364"
}
]
}
}

34
2010/4xxx/CVE-2010-4621.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4621", "ID": "CVE-2010-4621",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2010/4xxx/CVE-2010-4915.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4915", "ID": "CVE-2010-4915",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "14933", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/14933" "lang": "eng",
}, "value": "SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action."
{ }
"name" : "http://packetstormsecurity.org/1009-exploits/coldbookmarks-sql.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/1009-exploits/coldbookmarks-sql.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "43035", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/43035" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "41334", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/41334" ]
}, },
{ "references": {
"name" : "8449", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8449" "name": "41334",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/41334"
"name" : "coldbookmarks-index-sql-injection(61638)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61638" "name": "14933",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/14933"
} },
} {
"name": "43035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43035"
},
{
"name": "coldbookmarks-index-sql-injection(61638)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61638"
},
{
"name": "8449",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8449"
},
{
"name": "http://packetstormsecurity.org/1009-exploits/coldbookmarks-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1009-exploits/coldbookmarks-sql.txt"
}
]
}
}

150
2014/0xxx/CVE-2014-0296.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-0296", "ID": "CVE-2014-0296",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka \"RDP MAC Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx" "lang": "eng",
}, "value": "The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for man-in-the-middle attackers to obtain sensitive information by sniffing the network or modify session content by sending crafted RDP packets, aka \"RDP MAC Vulnerability.\""
{ }
"name" : "MS14-030", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-030" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "67865", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/67865" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "58524", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/58524" ]
} },
] "references": {
} "reference_data": [
} {
"name": "MS14-030",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-030"
},
{
"name": "58524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58524"
},
{
"name": "67865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67865"
},
{
"name": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/srd/archive/2014/06/10/assessing-risk-for-the-june-2014-security-updates.aspx"
}
]
}
}

150
2014/10xxx/CVE-2014-10018.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-10018", "ID": "CVE-2014-10018",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in webconfig/wlan/country.html/country in the Teracom T2-B-Gawv1.4U10Y-BI modem allows remote attackers to inject arbitrary web script or HTML via the essid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "31087", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/31087" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in webconfig/wlan/country.html/country in the Teracom T2-B-Gawv1.4U10Y-BI modem allows remote attackers to inject arbitrary web script or HTML via the essid parameter."
{ }
"name" : "65056", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/65056" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "102343", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/102343" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "teracom-essid-xss(90642)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90642" ]
} },
] "references": {
} "reference_data": [
} {
"name": "65056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65056"
},
{
"name": "31087",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31087"
},
{
"name": "teracom-essid-xss(90642)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90642"
},
{
"name": "102343",
"refsource": "OSVDB",
"url": "http://osvdb.org/102343"
}
]
}
}

150
2014/4xxx/CVE-2014-4282.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-4282", "ID": "CVE-2014-4282",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86."
{ }
"name" : "70520", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/70520" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031032", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031032" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "61593", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/61593" ]
} },
] "references": {
} "reference_data": [
} {
"name": "70520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70520"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "1031032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031032"
},
{
"name": "61593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61593"
}
]
}
}

130
2014/4xxx/CVE-2014-4300.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-4300", "ID": "CVE-2014-4300",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4298, CVE-2014-4299, CVE-2014-6452, CVE-2014-6454, and CVE-2014-6542."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4298, CVE-2014-4299, CVE-2014-6452, CVE-2014-6454, and CVE-2014-6542."
{ }
"name" : "70527", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/70527" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "70527",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70527"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
}
]
}
}

120
2014/4xxx/CVE-2014-4573.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4573", "ID": "CVE-2014-4573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php in the Walk Score plugin 0.5.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s or (2) o parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://codevigilant.com/disclosure/wp-plugin-walk-score-a3-cross-site-scripting-xss", "description_data": [
"refsource" : "MISC", {
"url" : "http://codevigilant.com/disclosure/wp-plugin-walk-score-a3-cross-site-scripting-xss" "lang": "eng",
} "value": "Multiple cross-site scripting (XSS) vulnerabilities in frame-maker.php in the Walk Score plugin 0.5.5 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s or (2) o parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://codevigilant.com/disclosure/wp-plugin-walk-score-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-walk-score-a3-cross-site-scripting-xss"
}
]
}
}

250
2014/4xxx/CVE-2014-4653.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4653", "ID": "CVE-2014-4653",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140626 Re: CVE Request: Linux kernel ALSA core control API vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/06/26/6" "lang": "eng",
}, "value": "sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access."
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fd9f26e4eca5d08a27d12c0933fceef76ed9663d", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fd9f26e4eca5d08a27d12c0933fceef76ed9663d" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1113409", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1113409" ]
}, },
{ "references": {
"name" : "https://github.com/torvalds/linux/commit/fd9f26e4eca5d08a27d12c0933fceef76ed9663d", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/fd9f26e4eca5d08a27d12c0933fceef76ed9663d" "name": "60545",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60545"
"name" : "RHSA-2014:1083", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1083.html" "name": "68164",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/68164"
"name" : "SUSE-SU-2015:0812", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html" "name": "USN-2335-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2335-1"
"name" : "USN-2334-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2334-1" "name": "USN-2334-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2334-1"
"name" : "USN-2335-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2335-1" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1113409",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1113409"
"name" : "68164", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68164" "name": "60564",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60564"
"name" : "59434", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59434" "name": "RHSA-2014:1083",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1083.html"
"name" : "59777", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59777" "name": "59777",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59777"
"name" : "60564", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60564" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fd9f26e4eca5d08a27d12c0933fceef76ed9663d",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fd9f26e4eca5d08a27d12c0933fceef76ed9663d"
"name" : "60545", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60545" "name": "59434",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/59434"
} },
} {
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.2"
},
{
"name": "https://github.com/torvalds/linux/commit/fd9f26e4eca5d08a27d12c0933fceef76ed9663d",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/fd9f26e4eca5d08a27d12c0933fceef76ed9663d"
},
{
"name": "[oss-security] 20140626 Re: CVE Request: Linux kernel ALSA core control API vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/06/26/6"
},
{
"name": "SUSE-SU-2015:0812",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
}
]
}
}

120
2014/8xxx/CVE-2014-8293.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8293", "ID": "CVE-2014-8293",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the AMG_signin_topic parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the AMG_signin_topic parameter to index.php."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html"
}
]
}
}

150
2014/8xxx/CVE-2014-8488.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8488", "ID": "CVE-2014-8488",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141025 Yourls XSS Stored", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Oct/111" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality."
{ }
"name" : "FEDORA-2015-5965", ]
"refsource" : "FEDORA", },
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156596.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2015-5972", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156526.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2015-6002", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156564.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "FEDORA-2015-5965",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156596.html"
},
{
"name": "FEDORA-2015-5972",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156526.html"
},
{
"name": "FEDORA-2015-6002",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156564.html"
},
{
"name": "20141025 Yourls XSS Stored",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Oct/111"
}
]
}
}

120
2014/8xxx/CVE-2014-8532.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8532", "ID": "CVE-2014-8532",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10053", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10053" "lang": "eng",
} "value": "Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10053"
}
]
}
}

170
2014/8xxx/CVE-2014-8566.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8566", "ID": "CVE-2014-8566",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a \"session overflow\" involving \"sessions overlapping in memory.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[modmellon] 20141103 Information disclosure vulnerability in version 0.8.0 of mod_auth_mellon", "description_data": [
"refsource" : "MLIST", {
"url" : "https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html" "lang": "eng",
}, "value": "The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a \"session overflow\" involving \"sessions overlapping in memory.\""
{ }
"name" : "https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://linux.oracle.com/errata/ELSA-2014-1803.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://linux.oracle.com/errata/ELSA-2014-1803.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2014:1803", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1803.html" ]
}, },
{ "references": {
"name" : "62094", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62094" "name": "http://linux.oracle.com/errata/ELSA-2014-1803.html",
}, "refsource": "CONFIRM",
{ "url": "http://linux.oracle.com/errata/ELSA-2014-1803.html"
"name" : "62125", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62125" "name": "RHSA-2014:1803",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2014-1803.html"
} },
} {
"name": "https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1",
"refsource": "CONFIRM",
"url": "https://github.com/UNINETT/mod_auth_mellon/releases/tag/v0.8.1"
},
{
"name": "62094",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62094"
},
{
"name": "62125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62125"
},
{
"name": "[modmellon] 20141103 Information disclosure vulnerability in version 0.8.0 of mod_auth_mellon",
"refsource": "MLIST",
"url": "https://postlister.uninett.no/sympa/arc/modmellon/2014-11/msg00000.html"
}
]
}
}

120
2014/8xxx/CVE-2014-8584.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8584", "ID": "CVE-2014-8584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wordpress.org/plugins/player/changelog", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://wordpress.org/plugins/player/changelog" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/player/changelog",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/player/changelog"
}
]
}
}

230
2014/9xxx/CVE-2014-9050.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9050", "ID": "CVE-2014-9050",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/11/22/1" "lang": "eng",
}, "value": "Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file."
{ }
"name" : "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html", ]
"refsource" : "CONFIRM", },
"url" : "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2014-15463", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2014:1571", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html" "name": "openSUSE-SU-2014:1560",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"
"name" : "SUSE-SU-2014:1574", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html" "name": "SUSE-SU-2014:1571",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"
"name" : "openSUSE-SU-2014:1560", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html" "name": "71242",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/71242"
"name" : "USN-2423-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2423-1" "name": "FEDORA-2014-15463",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"
"name" : "71242", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71242" "name": "62542",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62542"
"name" : "1031268", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031268" "name": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html",
}, "refsource": "CONFIRM",
{ "url": "http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"
"name" : "59645", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59645" "name": "[oss-security] 20141122 Re: CVE request: heap buffer overflow in ClamAV",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/11/22/1"
"name" : "62542", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62542" "name": "59645",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/59645"
} },
} {
"name": "USN-2423-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2423-1"
},
{
"name": "1031268",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031268"
},
{
"name": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e",
"refsource": "CONFIRM",
"url": "https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"
},
{
"name": "SUSE-SU-2014:1574",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"
}
]
}
}

140
2014/9xxx/CVE-2014-9228.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@symantec.com",
"ID" : "CVE-2014-9228", "ID": "CVE-2014-9228",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150617_00", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150617_00" "lang": "eng",
}, "value": "sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition."
{ }
"name" : "75202", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75202" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032616", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032616" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150617_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150617_00"
},
{
"name": "1032616",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"name": "75202",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75202"
}
]
}
}

210
2014/9xxx/CVE-2014-9274.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9274", "ID": "CVE-2014-9274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string \"{\\cb-999999999\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html" "lang": "eng",
}, "value": "UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string \"{\\cb-999999999\"."
{ }
"name" : "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/12/04/15" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1170233", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1170233" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://advisories.mageia.org/MGASA-2014-0533.html", ]
"refsource" : "CONFIRM", }
"url" : "http://advisories.mageia.org/MGASA-2014-0533.html" ]
}, },
{ "references": {
"name" : "DSA-3158", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3158" "name": "http://advisories.mageia.org/MGASA-2014-0533.html",
}, "refsource": "CONFIRM",
{ "url": "http://advisories.mageia.org/MGASA-2014-0533.html"
"name" : "FEDORA-2014-17281", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html" "name": "62811",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62811"
"name" : "GLSA-201507-06", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201507-06" "name": "FEDORA-2014-17281",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147399.html"
"name" : "MDVSA-2015:007", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007" "name": "[oss-security] 20141204 Re: CVE request: out-of-bounds memory access flaw in unrtf",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/12/04/15"
"name" : "71430", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71430" "name": "DSA-3158",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3158"
"name" : "62811", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62811" "name": "MDVSA-2015:007",
} "refsource": "MANDRIVA",
] "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:007"
} },
} {
"name": "71430",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71430"
},
{
"name": "[bug-unrtf] 20141124 out-of-bounds memory access in unrtf",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/bug-unrtf/2014-11/msg00001.html"
},
{
"name": "GLSA-201507-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201507-06"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1170233"
}
]
}
}

180
2014/9xxx/CVE-2014-9527.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9527", "ID": "CVE-2014-9527",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://poi.apache.org/changes.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://poi.apache.org/changes.html" "lang": "eng",
}, "value": "HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file."
{ }
"name" : "https://issues.apache.org/bugzilla/show_bug.cgi?id=57272", ]
"refsource" : "CONFIRM", },
"url" : "https://issues.apache.org/bugzilla/show_bug.cgi?id=57272" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21996759", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21996759" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2015-2090", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150228.html" ]
}, },
{ "references": {
"name" : "RHSA-2016:1135", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1135" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21996759",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21996759"
"name" : "77726", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77726" "name": "RHSA-2016:1135",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1135"
"name" : "61953", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61953" "name": "http://poi.apache.org/changes.html",
} "refsource": "CONFIRM",
] "url": "http://poi.apache.org/changes.html"
} },
} {
"name": "77726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77726"
},
{
"name": "61953",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61953"
},
{
"name": "FEDORA-2015-2090",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150228.html"
},
{
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57272",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57272"
}
]
}
}

34
2014/9xxx/CVE-2014-9722.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9722", "ID": "CVE-2014-9722",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2014/9xxx/CVE-2014-9821.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9821", "ID": "CVE-2014-9821",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141224 Imagemagick fuzzing bug", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/12/24/1" "lang": "eng",
}, "value": "Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file."
{ }
"name" : "[oss-security] 20160602 Re: ImageMagick CVEs", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/02/13" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330", "description": [
"refsource" : "CONFIRM", {
"url" : "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343477", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343477" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330",
"refsource": "CONFIRM",
"url": "https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/commit/?h=debian-patches/6.8.9.9-4-for-upstream&id=0a89a1ccca6e7ee059b73f5cc924513383e8a330"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343477",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343477"
},
{
"name": "[oss-security] 20160602 Re: ImageMagick CVEs",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/02/13"
},
{
"name": "[oss-security] 20141224 Imagemagick fuzzing bug",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/24/1"
}
]
}
}

130
2016/3xxx/CVE-2016-3097.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-3097", "ID": "CVE-2016-3097",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1322747", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1322747" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data."
{ }
"name" : "RHSA-2016:1484", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1484.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1322747",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1322747"
},
{
"name": "RHSA-2016:1484",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1484.html"
}
]
}
}

150
2016/3xxx/CVE-2016-3324.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3324", "ID": "CVE-2016-3324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40748", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40748/" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
{ }
"name" : "MS16-104", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92809", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92809" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036788", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036788" ]
} },
] "references": {
} "reference_data": [
} {
"name": "92809",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92809"
},
{
"name": "MS16-104",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104"
},
{
"name": "40748",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40748/"
},
{
"name": "1036788",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036788"
}
]
}
}

140
2016/3xxx/CVE-2016-3389.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3389", "ID": "CVE-2016-3389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3386, CVE-2016-7190, and CVE-2016-7194."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-119", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-119" "lang": "eng",
}, "value": "The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-3386, CVE-2016-7190, and CVE-2016-7194."
{ }
"name" : "93398", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93398" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036993", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036993" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "MS16-119",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-119"
},
{
"name": "93398",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93398"
},
{
"name": "1036993",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036993"
}
]
}
}

34
2016/6xxx/CVE-2016-6478.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6478", "ID": "CVE-2016-6478",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2016/6xxx/CVE-2016-6780.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-6780", "ID": "CVE-2016-6780",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31251496."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2016-12-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-12-01.html" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the HTC sound codec driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31251496."
{ }
"name" : "94675", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94675" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name": "94675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94675"
}
]
}
}

226
2016/6xxx/CVE-2016-6794.json
View File

@ -1,115 +1,115 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@apache.org", "ASSIGNER": "security@apache.org",
"DATE_PUBLIC" : "2016-10-27T00:00:00", "DATE_PUBLIC": "2016-10-27T00:00:00",
"ID" : "CVE-2016-6794", "ID": "CVE-2016-6794",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Apache Tomcat", "product_name": "Apache Tomcat",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.0.M1 to 9.0.0.M9" "version_value": "9.0.0.M1 to 9.0.0.M9"
}, },
{ {
"version_value" : "8.5.0 to 8.5.4" "version_value": "8.5.0 to 8.5.4"
}, },
{ {
"version_value" : "8.0.0.RC1 to 8.0.36" "version_value": "8.0.0.RC1 to 8.0.36"
}, },
{ {
"version_value" : "7.0.0 to 7.0.70" "version_value": "7.0.0 to 7.0.70"
}, },
{ {
"version_value" : "6.0.0 to 6.0.45" "version_value": "6.0.0 to 6.0.45"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Apache Software Foundation" "vendor_name": "Apache Software Foundation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[announce] 20161027 [SECURITY] CVE-2016-6794 Apache Tomcat Security System Property Disclosure", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb@%3Cannounce.tomcat.apache.org%3E" "lang": "eng",
}, "value": "When a SecurityManager is configured, a web application's ability to read system properties should be controlled by the SecurityManager. In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70, 6.0.0 to 6.0.45 the system property replacement feature for configuration files could be used by a malicious web application to bypass the SecurityManager and read system properties that should not be visible."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180605-0001/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180605-0001/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3720", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3720" "lang": "eng",
}, "value": "Information Disclosure"
{ }
"name" : "RHSA-2017:0455", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2017:0455" ]
}, },
{ "references": {
"name" : "RHSA-2017:0456", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0456" "name": "https://security.netapp.com/advisory/ntap-20180605-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20180605-0001/"
"name" : "RHSA-2017:0457", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0457.html" "name": "[announce] 20161027 [SECURITY] CVE-2016-6794 Apache Tomcat Security System Property Disclosure",
}, "refsource": "MLIST",
{ "url": "https://lists.apache.org/thread.html/09d2f2c65ac4ff5da42f15dc2b0f78b655e50f1a42e8a9784134a9eb@%3Cannounce.tomcat.apache.org%3E"
"name" : "RHSA-2017:2247", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:2247" "name": "RHSA-2017:2247",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:2247"
"name" : "93943", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93943" "name": "RHSA-2017:0457",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"
"name" : "1037143", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037143" "name": "RHSA-2017:0455",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2017:0455"
} },
} {
"name": "1037143",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037143"
},
{
"name": "DSA-3720",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3720"
},
{
"name": "93943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93943"
},
{
"name": "RHSA-2017:0456",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0456"
}
]
}
}

140
2016/7xxx/CVE-2016-7264.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-7264", "ID": "CVE-2016-7264",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka \"Microsoft Office Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-148", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148" "lang": "eng",
}, "value": "Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka \"Microsoft Office Information Disclosure Vulnerability.\""
{ }
"name" : "94769", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94769" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037441", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037441" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "MS16-148",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148"
},
{
"name": "1037441",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037441"
},
{
"name": "94769",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94769"
}
]
}
}

34
2016/7xxx/CVE-2016-7368.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7368", "ID": "CVE-2016-7368",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2016/7xxx/CVE-2016-7516.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2016-7516", "ID": "CVE-2016-7516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/09/22/2" "lang": "eng",
}, "value": "The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file."
{ }
"name" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378743", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378743" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/issues/77", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/ImageMagick/ImageMagick/issues/77" ]
}, },
{ "references": {
"name" : "93129", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93129" "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452",
} "refsource": "CONFIRM",
] "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1533452"
} },
} {
"name": "93129",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93129"
},
{
"name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378743",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378743"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/77",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/77"
}
]
}
}

34
2016/7xxx/CVE-2016-7703.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7703", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7703",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

160
2016/7xxx/CVE-2016-7814.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-7814", "ID": "CVE-2016-7814",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "TS-WRLP", "product_name": "TS-WRLP",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "firmware version 1.00.01 and earlier" "version_value": "firmware version 1.00.01 and earlier"
} }
] ]
} }
}, },
{ {
"product_name" : "TS-WRLA", "product_name": "TS-WRLA",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "firmware version 1.00.01 and earlier" "version_value": "firmware version 1.00.01 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "I-O DATA DEVICE, INC." "vendor_name": "I-O DATA DEVICE, INC."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.iodata.jp/support/information/2016/ts-wrlap/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.iodata.jp/support/information/2016/ts-wrlap/" "lang": "eng",
}, "value": "I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors."
{ }
"name" : "JVN#34103586", ]
"refsource" : "JVN", },
"url" : "https://jvn.jp/en/jp/JVN34103586/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94250", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94250" "lang": "eng",
} "value": "Information Disclosure"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "94250",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94250"
},
{
"name": "http://www.iodata.jp/support/information/2016/ts-wrlap/",
"refsource": "CONFIRM",
"url": "http://www.iodata.jp/support/information/2016/ts-wrlap/"
},
{
"name": "JVN#34103586",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN34103586/index.html"
}
]
}
}

148
2016/8xxx/CVE-2016-8494.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@fortinet.com", "ASSIGNER": "psirt@fortinet.com",
"ID" : "CVE-2016-8494", "ID": "CVE-2016-8494",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Fortinet Connect", "product_name": "Fortinet Connect",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "14.2" "version_value": "14.2"
}, },
{ {
"version_value" : "14.10" "version_value": "14.10"
}, },
{ {
"version_value" : "15.10" "version_value": "15.10"
}, },
{ {
"version_value" : "16.7" "version_value": "16.7"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Fortinet" "vendor_name": "Fortinet"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Privilege escalation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://fortiguard.com/advisory/FG-IR-16-080", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://fortiguard.com/advisory/FG-IR-16-080" "lang": "eng",
}, "value": "Insufficient verification of uploaded files allows attackers with webui administrators privileges to perform arbitrary code execution by uploading a new webui theme."
{ }
"name" : "96159", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96159" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://fortiguard.com/advisory/FG-IR-16-080",
"refsource": "CONFIRM",
"url": "https://fortiguard.com/advisory/FG-IR-16-080"
},
{
"name": "96159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96159"
}
]
}
}

120
2016/8xxx/CVE-2016-8718.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"ID" : "CVE-2016-8718", "ID": "CVE-2016-8718",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client", "product_name": "AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.1" "version_value": "1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Moxa" "vendor_name": "Moxa"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authentic request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0232/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0232/" "lang": "eng",
} "value": "An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an authentic request."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0232/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0232/"
}
]
}
}