admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:18:03 +00:00
parent 193e4e0b43
commit ba01e4646e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 3799 additions and 3799 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

128
2006/0xxx/CVE-2006-0130.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0130", "ID": "CVE-2006-0130",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier allows remote attackers to attempt authentication with an unlimited number of user account names and passwords without denying connections, limiting the rate of connections, or locking out an account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060104 Rockliffe Mailsite User Enumeration Flaw", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/040970.html" "lang": "eng",
}, "value": "Mail Management Agent (MAILMA) (aka Mail Management Server) in Rockliffe MailSite 7.0.3.1 and earlier allows remote attackers to attempt authentication with an unlimited number of user account names and passwords without denying connections, limiting the rate of connections, or locking out an account."
{ }
"name" : "http://zur.homelinux.com/Advisories/RockliffeMailsiteUserEnum.txt", ]
"refsource" : "MISC", },
"url" : "http://zur.homelinux.com/Advisories/RockliffeMailsiteUserEnum.txt" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://zur.homelinux.com/Advisories/RockliffeMailsiteUserEnum.txt",
"refsource": "MISC",
"url": "http://zur.homelinux.com/Advisories/RockliffeMailsiteUserEnum.txt"
},
{
"name": "20060104 Rockliffe Mailsite User Enumeration Flaw",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/040970.html"
}
]
}
} }

188
2006/0xxx/CVE-2006-0256.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0256", "ID": "CVE-2006-0256",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01."
{ }
"name" : "VU#545804", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/545804" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16287", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16287" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0243", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0243" ]
}, },
{ "references": {
"name" : "ADV-2006-0323", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0323" "name": "18493",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18493"
"name" : "1015499", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015499" "name": "ADV-2006-0323",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0323"
"name" : "18493", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18493" "name": "16287",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16287"
"name" : "18608", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18608" "name": "VU#545804",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/545804"
} },
{
"name": "1015499",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015499"
},
{
"name": "ADV-2006-0243",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0243"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
},
{
"name": "18608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18608"
}
]
}
} }

168
2006/0xxx/CVE-2006-0719.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0719", "ID": "CVE-2006-0719",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060214 SQL injection in PHP Classifieds 6.20", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/424955/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter."
{ }
"name" : "http://www.deltascripts.com/board/viewtopic.php?id=7234", ]
"refsource" : "CONFIRM", },
"url" : "http://www.deltascripts.com/board/viewtopic.php?id=7234" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16642", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16642" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0600", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0600" ]
}, },
{ "references": {
"name" : "18881", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18881" "name": "20060214 SQL injection in PHP Classifieds 6.20",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/424955/100/0/threaded"
"name" : "424", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/424" "name": "ADV-2006-0600",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/0600"
} },
{
"name": "18881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18881"
},
{
"name": "424",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/424"
},
{
"name": "16642",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16642"
},
{
"name": "http://www.deltascripts.com/board/viewtopic.php?id=7234",
"refsource": "CONFIRM",
"url": "http://www.deltascripts.com/board/viewtopic.php?id=7234"
}
]
}
} }

228
2006/0xxx/CVE-2006-0992.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0992", "ID": "CVE-2006-0992",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060413 ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/430911/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-06-008.html", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-06-008.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://cirt.dk/advisories/cirt-42-advisory.txt", "description": [
"refsource" : "MISC", {
"url" : "http://cirt.dk/advisories/cirt-42-advisory.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://metasploit.blogspot.com/2006/04/exploit-development-groupwise_14.html", ]
"refsource" : "MISC", }
"url" : "http://metasploit.blogspot.com/2006/04/exploit-development-groupwise_14.html" ]
}, },
{ "references": {
"name" : "1679", "reference_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/1679" "name": "http://metasploit.blogspot.com/2006/04/exploit-development-groupwise_14.html",
}, "refsource": "MISC",
{ "url": "http://metasploit.blogspot.com/2006/04/exploit-development-groupwise_14.html"
"name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100861.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100861.htm" "name": "http://www.zerodayinitiative.com/advisories/ZDI-06-008.html",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-06-008.html"
"name" : "17503", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17503" "name": "24617",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24617"
"name" : "ADV-2006-1355", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1355" "name": "ADV-2006-1355",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1355"
"name" : "24617", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24617" "name": "groupwise-accept-language-bo(25828)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25828"
"name" : "1015911", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015911" "name": "19663",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19663"
"name" : "19663", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19663" "name": "20060413 ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/430911/100/0/threaded"
"name" : "groupwise-accept-language-bo(25828)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25828" "name": "1679",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/1679"
} },
{
"name": "1015911",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015911"
},
{
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100861.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100861.htm"
},
{
"name": "http://cirt.dk/advisories/cirt-42-advisory.txt",
"refsource": "MISC",
"url": "http://cirt.dk/advisories/cirt-42-advisory.txt"
},
{
"name": "17503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17503"
}
]
}
} }

228
2006/1xxx/CVE-2006-1217.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1217", "ID": "CVE-2006-1217",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in DSPoll 1.1 allows remote attackers to execute arbitrary SQL commands via the pollid parameter to (1) results.php, (2) topolls.php, (3) pollit.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060324 [eVuln] DSPoll Multiple SQL Injection Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/428663/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in DSPoll 1.1 allows remote attackers to execute arbitrary SQL commands via the pollid parameter to (1) results.php, (2) topolls.php, (3) pollit.php."
{ }
"name" : "http://evuln.com/vulns/96/summary.html", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/96/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17103", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17103" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0932", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0932" ]
}, },
{ "references": {
"name" : "23879", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23879" "name": "23881",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23881"
"name" : "23880", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23880" "name": "19209",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19209"
"name" : "23881", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/23881" "name": "1015758",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015758"
"name" : "1015758", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015758" "name": "23879",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23879"
"name" : "19209", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19209" "name": "17103",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17103"
"name" : "620", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/620" "name": "23880",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/23880"
"name" : "622", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/622" "name": "dspoll-pollid-sql-injection(25192)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25192"
"name" : "dspoll-pollid-sql-injection(25192)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25192" "name": "620",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/620"
} },
{
"name": "20060324 [eVuln] DSPoll Multiple SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/428663/100/0/threaded"
},
{
"name": "622",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/622"
},
{
"name": "ADV-2006-0932",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0932"
},
{
"name": "http://evuln.com/vulns/96/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/96/summary.html"
}
]
}
} }

318
2006/1xxx/CVE-2006-1353.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1353", "ID": "CVE-2006-1353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060321 ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/428355/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the downloadid parameter in download_click.asp and (2) content_ID parameter in news/News_Item.asp; authenticated administrators can also conduct attacks via (3) user_id parameter to users/add_edit_user.asp, (4) bannerid parameter to banner_adds/banner_add_edit.asp, (5) cat_id parameter to categories/add_edit_cat.asp, (6) Content_ID parameter to News/add_edit_news.asp, (7) download_id parameter to downloads/add_edit_download.asp, (8) Poll_ID parameter to poll/add_edit_poll.asp, (9) contactid parameter to contactus/contactus_add_edit.asp, (10) sortby parameter to poll/poll_list.asp, and (11) unspecified inputs to downloads/add_edit_download.asp."
{ }
"name" : "20060322 Re: [SPAM:] - ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/428615/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060321 ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities", "description": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20060322 Re: [SPAM:] - ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses", ]
"refsource" : "FULLDISC", }
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html" ]
}, },
{ "references": {
"name" : "http://www.nukedx.com/?viewdoc=21", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.nukedx.com/?viewdoc=21" "name": "20060322 Re: [SPAM:] - ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1431.html"
"name" : "1597", },
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/1597" "name": "24091",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24091"
"name" : "17174", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17174" "name": "19286",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19286"
"name" : "ADV-2006-1014", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1014" "name": "24092",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24092"
"name" : "24020", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24020" "name": "24090",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24090"
"name" : "24084", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24084" "name": "http://www.nukedx.com/?viewdoc=21",
}, "refsource": "MISC",
{ "url": "http://www.nukedx.com/?viewdoc=21"
"name" : "24085", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24085" "name": "24086",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24086"
"name" : "24086", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24086" "name": "aspportal-multiple-aspscripts-sql-injection(25346)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346"
"name" : "24087", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24087" "name": "608",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/608"
"name" : "24088", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24088" "name": "24085",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24085"
"name" : "24089", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24089" "name": "20060321 ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/428355/100/0/threaded"
"name" : "24090", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24090" "name": "20060322 Re: [SPAM:] - ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/428615/100/0/threaded"
"name" : "24091", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24091" "name": "24084",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24084"
"name" : "24092", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24092" "name": "17174",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17174"
"name" : "19286", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19286" "name": "ADV-2006-1014",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1014"
"name" : "608", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/608" "name": "24020",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/24020"
"name" : "aspportal-multiple-aspscripts-sql-injection(25346)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25346" "name": "24087",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/24087"
} },
{
"name": "24088",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24088"
},
{
"name": "24089",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24089"
},
{
"name": "1597",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1597"
},
{
"name": "20060321 ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1402.html"
}
]
}
} }

198
2006/1xxx/CVE-2006-1459.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1459", "ID": "CVE-2006-1459",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060512 Apple QuickDraw/QuickTime Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/433831/100/0/threaded" "lang": "eng",
}, "value": "Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV)."
{ }
"name" : "APPLE-SA-2006-05-11", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2006/May/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA06-132B", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-132B.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17953", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17953" ]
}, },
{ "references": {
"name" : "ADV-2006-1778", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1778" "name": "20069",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20069"
"name" : "1016067", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016067" "name": "APPLE-SA-2006-05-11",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2006/May/msg00002.html"
"name" : "20069", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20069" "name": "1016067",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016067"
"name" : "887", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/887" "name": "TA06-132B",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-132B.html"
"name" : "quicktime-mov-overflow(26392)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26392" "name": "quicktime-mov-overflow(26392)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26392"
} },
{
"name": "887",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/887"
},
{
"name": "17953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17953"
},
{
"name": "ADV-2006-1778",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1778"
},
{
"name": "20060512 Apple QuickDraw/QuickTime Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433831/100/0/threaded"
}
]
}
} }

138
2006/4xxx/CVE-2006-4420.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4420", "ID": "CVE-2006-4420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 allows remote attackers to include arbitrary local files via \"..\" sequences in the lang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2253", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2253" "lang": "eng",
}, "value": "Directory traversal vulnerability in include_lang.php in Phaos 0.9.2 allows remote attackers to include arbitrary local files via \"..\" sequences in the lang parameter."
{ }
"name" : "19710", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19710" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "phaos-includelang-file-include(28565)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28565" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "2253",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2253"
},
{
"name": "19710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19710"
},
{
"name": "phaos-includelang-file-include(28565)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28565"
}
]
}
} }

388
2006/4xxx/CVE-2006-4486.json
View File

@ -1,197 +1,197 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4486", "ID": "CVE-2006-4486",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061005 rPSA-2006-0182-1 php php-mysql php-pgsql", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447866/100/0/threaded" "lang": "eng",
}, "value": "Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memory_limit restriction."
{ }
"name" : "http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14", ]
"refsource" : "MISC", },
"url" : "http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.php.net/ChangeLog-5.php#5.1.6", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-5.php#5.1.6" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.php.net/release_5_1_6.php", ]
"refsource" : "CONFIRM", }
"url" : "http://www.php.net/release_5_1_6.php" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-683", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-683" "name": "1016984",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016984"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm" "name": "https://issues.rpath.com/browse/RPL-683",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-683"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm" "name": "RHSA-2006:0669",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0669.html"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm" "name": "oval:org.mitre.oval:def:11086",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11086"
"name" : "DSA-1331", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1331" "name": "22487",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22487"
"name" : "RHSA-2006:0669", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0669.html" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-221.htm"
"name" : "RHSA-2006:0682", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0682.html" "name": "TLSA-2006-38",
}, "refsource": "TURBO",
{ "url": "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt"
"name" : "RHSA-2006:0688", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0688.html" "name": "RHSA-2006:0688",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0688.html"
"name" : "20061001-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc" "name": "http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14",
}, "refsource": "MISC",
{ "url": "http://www.hardened-php.net/hphp/changelog.html#hardening_patch_0.4.14"
"name" : "SUSE-SA:2006:052", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_52_php.html" "name": "USN-362-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-362-1"
"name" : "TLSA-2006-38", },
"refsource" : "TURBO", {
"url" : "http://www.turbolinux.com/security/2006/TLSA-2006-38.txt" "name": "19582",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/19582"
"name" : "USN-362-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-362-1" "name": "http://www.php.net/ChangeLog-5.php#5.1.6",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php#5.1.6"
"name" : "19582", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19582" "name": "22004",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22004"
"name" : "oval:org.mitre.oval:def:11086", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11086" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-222.htm"
"name" : "1016984", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016984" "name": "22538",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22538"
"name" : "21546", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21546" "name": "RHSA-2006:0682",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0682.html"
"name" : "22004", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22004" "name": "21546",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21546"
"name" : "22069", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22069" "name": "22440",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22440"
"name" : "22225", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22225" "name": "20061005 rPSA-2006-0182-1 php php-mysql php-pgsql",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447866/100/0/threaded"
"name" : "22440", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22440" "name": "DSA-1331",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1331"
"name" : "22538", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22538" "name": "22069",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22069"
"name" : "22487", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22487" "name": "22225",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22225"
"name" : "22331", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22331" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-223.htm"
"name" : "25945", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25945" "name": "25945",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25945"
} },
{
"name": "22331",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22331"
},
{
"name": "http://www.php.net/release_5_1_6.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/release_5_1_6.php"
},
{
"name": "20061001-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
},
{
"name": "SUSE-SA:2006:052",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
}
]
}
} }

168
2006/5xxx/CVE-2006-5112.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5112", "ID": "CVE-2006-5112",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote attackers to execute arbitrary code via a long HTTP GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2445", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2445" "lang": "eng",
}, "value": "Buffer overflow in InterVations NaviCOPA Web Server 2.01 allows remote attackers to execute arbitrary code via a long HTTP GET request."
{ }
"name" : "VU#693992", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/693992" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20250", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20250" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3819", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3819" ]
}, },
{ "references": {
"name" : "22124", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22124" "name": "22124",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22124"
"name" : "navicopa-http-get-bo(29221)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29221" "name": "navicopa-http-get-bo(29221)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29221"
} },
{
"name": "20250",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20250"
},
{
"name": "ADV-2006-3819",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3819"
},
{
"name": "2445",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2445"
},
{
"name": "VU#693992",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/693992"
}
]
}
} }

198
2006/5xxx/CVE-2006-5210.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5210", "ID": "CVE-2006-5210",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded \"../\" sequences (\"%252e%252e/\")."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061013 SYMSA-2006-010: Directory Traversal in IronWebMail", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/448779/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in IronWebMail before 6.1.1 HotFix-17 allows remote attackers to read arbitrary files via a GET request to the IM_FILE identifier with double-url-encoded \"../\" sequences (\"%252e%252e/\")."
{ }
"name" : "https://supportcenter.ciphertrust.com/vulnerability/IWM501-01.html", ]
"refsource" : "MISC", },
"url" : "https://supportcenter.ciphertrust.com/vulnerability/IWM501-01.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.symantec.com/enterprise/research/SYMSA-2006-010.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.symantec.com/enterprise/research/SYMSA-2006-010.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20436", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/20436" ]
}, },
{ "references": {
"name" : "ADV-2006-4055", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4055" "name": "https://supportcenter.ciphertrust.com/vulnerability/IWM501-01.html",
}, "refsource": "MISC",
{ "url": "https://supportcenter.ciphertrust.com/vulnerability/IWM501-01.html"
"name" : "1017069", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017069" "name": "1017069",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017069"
"name" : "22406", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22406" "name": "ADV-2006-4055",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4055"
"name" : "1726", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1726" "name": "20436",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20436"
"name" : "ironwebmail-url-directory-traversal(29620)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29620" "name": "22406",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/22406"
} },
{
"name": "ironwebmail-url-directory-traversal(29620)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29620"
},
{
"name": "20061013 SYMSA-2006-010: Directory Traversal in IronWebMail",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448779/100/0/threaded"
},
{
"name": "1726",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1726"
},
{
"name": "http://www.symantec.com/enterprise/research/SYMSA-2006-010.txt",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/research/SYMSA-2006-010.txt"
}
]
}
} }

168
2010/2xxx/CVE-2010-2878.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2010-2878", "ID": "CVE-2010-2878",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100824 TPTI-10-10: Adobe Shockwave tSAC Chunk Invalid Seek Memory Corruption Remote Code Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/513298/100/0/threaded" "lang": "eng",
}, "value": "DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associated with a buffer seek for a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie."
{ }
"name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-10-10", ]
"refsource" : "MISC", },
"url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-10-10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-20.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-20.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:11883", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11883" ]
}, },
{ "references": {
"name" : "1024361", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024361" "name": "1024361",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1024361"
"name" : "ADV-2010-2176", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2176" "name": "http://www.adobe.com/support/security/bulletins/apsb10-20.html",
} "refsource": "CONFIRM",
] "url": "http://www.adobe.com/support/security/bulletins/apsb10-20.html"
} },
{
"name": "20100824 TPTI-10-10: Adobe Shockwave tSAC Chunk Invalid Seek Memory Corruption Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/513298/100/0/threaded"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-10",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-10-10"
},
{
"name": "oval:org.mitre.oval:def:11883",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11883"
},
{
"name": "ADV-2010-2176",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2176"
}
]
}
} }

118
2010/2xxx/CVE-2010-2984.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2984", "ID": "CVE-2010-2984",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html" "lang": "eng",
} "value": "Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html"
}
]
}
} }

138
2010/3xxx/CVE-2010-3258.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3258", "ID": "CVE-2010-3258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=52682", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=52682" "lang": "eng",
}, "value": "The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize parameters, which has unspecified impact and remote attack vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12133", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12133" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://code.google.com/p/chromium/issues/detail?id=52682",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=52682"
},
{
"name": "oval:org.mitre.oval:def:12133",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12133"
},
{
"name": "http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/09/stable-and-beta-channel-updates.html"
}
]
}
} }

128
2010/3xxx/CVE-2010-3504.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-3504", "ID": "CVE-2010-3504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors."
{ }
"name" : "TA10-287A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "TA10-287A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
}
]
}
} }

288
2010/3xxx/CVE-2010-3766.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3766", "ID": "CVE-2010-3766",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-264/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-264/" "lang": "eng",
}, "value": "Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node."
{ }
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=590771", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=590771" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/css/P8/documents/100124650", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/css/P8/documents/100124650" ]
}, },
{ "references": {
"name" : "FEDORA-2010-18773", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html" "name": "SUSE-SA:2011:003",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html"
"name" : "FEDORA-2010-18775", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html" "name": "FEDORA-2010-18775",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052022.html"
"name" : "FEDORA-2010-18890", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html" "name": "MDVSA-2010:251",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251"
"name" : "FEDORA-2010-18920", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html" "name": "http://support.avaya.com/css/P8/documents/100124650",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100124650"
"name" : "MDVSA-2010:251", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:251" "name": "RHSA-2010:0966",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2010-0966.html"
"name" : "RHSA-2010:0966", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0966.html" "name": "USN-1019-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1019-1"
"name" : "SUSE-SA:2011:003", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html" "name": "42818",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42818"
"name" : "USN-1019-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1019-1" "name": "45326",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/45326"
"name" : "45326", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45326" "name": "oval:org.mitre.oval:def:12649",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12649"
"name" : "oval:org.mitre.oval:def:12649", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12649" "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-264/",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-264/"
"name" : "1024848", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024848" "name": "1024848",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1024848"
"name" : "42716", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42716" "name": "FEDORA-2010-18920",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052504.html"
"name" : "42818", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42818" "name": "ADV-2011-0030",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0030"
"name" : "ADV-2011-0030", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0030" "name": "FEDORA-2010-18890",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052502.html"
} },
{
"name": "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-80.html"
},
{
"name": "42716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42716"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=590771",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=590771"
},
{
"name": "FEDORA-2010-18773",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052032.html"
}
]
}
} }

32
2010/4xxx/CVE-2010-4140.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-4140", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2010-4140",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
} }
] ]
} }
} }

158
2010/4xxx/CVE-2010-4401.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4401", "ID": "CVE-2010-4401",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15646", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/15646" "lang": "eng",
}, "value": "languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."
{ }
"name" : "http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.htbridge.ch/advisory/path_disclosure_in_dynpg.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.htbridge.ch/advisory/path_disclosure_in_dynpg.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226", ]
"refsource" : "CONFIRM", }
"url" : "http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226" ]
}, },
{ "references": {
"name" : "69632", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/69632" "name": "http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226",
} "refsource": "CONFIRM",
] "url": "http://www.dynpg.org/cms-freeware_en.php?t=DynPG+Update+4.2.1+Security+Update&read_article=226"
} },
{
"name": "http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/96230/dynpg-lfisqldisclose.txt"
},
{
"name": "http://www.htbridge.ch/advisory/path_disclosure_in_dynpg.html",
"refsource": "MISC",
"url": "http://www.htbridge.ch/advisory/path_disclosure_in_dynpg.html"
},
{
"name": "15646",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15646"
},
{
"name": "69632",
"refsource": "OSVDB",
"url": "http://osvdb.org/69632"
}
]
}
} }

298
2010/4xxx/CVE-2010-4523.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4523", "ID": "CVE-2010-4523",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20101221 CVE request: opensc buffer overflow", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2010/12/21/2" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c."
{ }
"name" : "[oss-security] 20101222 Re: CVE request: opensc buffer overflow", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2010/12/22/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://labs.mwrinfosecurity.com/files/Advisories/mwri_opensc-get-serial-buffer-overflow_2010-12-13.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://labs.mwrinfosecurity.com/files/Advisories/mwri_opensc-get-serial-buffer-overflow_2010-12-13.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-computer-1154829.html", ]
"refsource" : "MISC", }
"url" : "http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-computer-1154829.html" ]
}, },
{ "references": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427" "name": "http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-computer-1154829.html",
}, "refsource": "MISC",
{ "url": "http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-computer-1154829.html"
"name" : "https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/692483", },
"refsource" : "CONFIRM", {
"url" : "https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/692483" "name": "43068",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43068"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=664831", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=664831" "name": "ADV-2011-0212",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0212"
"name" : "https://www.opensc-project.org/opensc/changeset/4913", },
"refsource" : "CONFIRM", {
"url" : "https://www.opensc-project.org/opensc/changeset/4913" "name": "[oss-security] 20101222 Re: CVE request: opensc buffer overflow",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2010/12/22/3"
"name" : "FEDORA-2010-19192", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052796.html" "name": "https://www.opensc-project.org/opensc/changeset/4913",
}, "refsource": "CONFIRM",
{ "url": "https://www.opensc-project.org/opensc/changeset/4913"
"name" : "FEDORA-2010-19193", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052777.html" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427"
"name" : "MDVSA-2011:011", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:011" "name": "MDVSA-2011:011",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:011"
"name" : "SUSE-SR:2011:002", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" "name": "FEDORA-2010-19193",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052777.html"
"name" : "45435", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45435" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=664831",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=664831"
"name" : "42658", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42658" "name": "42807",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42807"
"name" : "42807", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42807" "name": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_opensc-get-serial-buffer-overflow_2010-12-13.pdf",
}, "refsource": "MISC",
{ "url": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_opensc-get-serial-buffer-overflow_2010-12-13.pdf"
"name" : "43068", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43068" "name": "SUSE-SR:2011:002",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
"name" : "ADV-2011-0009", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0009" "name": "ADV-2011-0109",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0109"
"name" : "ADV-2011-0109", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0109" "name": "42658",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42658"
"name" : "ADV-2011-0212", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0212" "name": "ADV-2011-0009",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2011/0009"
} },
{
"name": "https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/692483",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/opensc/+bug/692483"
},
{
"name": "FEDORA-2010-19192",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052796.html"
},
{
"name": "[oss-security] 20101221 CVE request: opensc buffer overflow",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/12/21/2"
},
{
"name": "45435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45435"
}
]
}
} }

138
2010/4xxx/CVE-2010-4924.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4924", "ID": "CVE-2010-4924",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter. NOTE: this issue has been disputed by a reliable third party."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "14614", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/14614" "lang": "eng",
}, "value": "** DISPUTED ** PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows remote attackers to execute arbitrary PHP code via a URL in the actionPath parameter. NOTE: this issue has been disputed by a reliable third party."
{ }
"name" : "[vim] 20100811 clearBudget v0.9.8 Remote File Include Vulnerability", ]
"refsource" : "MLIST", },
"url" : "http://attrition.org/pipermail/vim/2010-August/002388.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42351", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/42351" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "14614",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14614"
},
{
"name": "[vim] 20100811 clearBudget v0.9.8 Remote File Include Vulnerability",
"refsource": "MLIST",
"url": "http://attrition.org/pipermail/vim/2010-August/002388.html"
},
{
"name": "42351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42351"
}
]
}
} }

138
2010/4xxx/CVE-2010-4982.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4982", "ID": "CVE-2010-4982",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "14326", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/14326" "lang": "eng",
}, "value": "SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer allows remote attackers to execute arbitrary SQL commands via the var1 parameter."
{ }
"name" : "ADV-2010-1785", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2010/1785" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "aco-contacts-sql-injection(60269)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/60269" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "aco-contacts-sql-injection(60269)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60269"
},
{
"name": "ADV-2010-1785",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1785"
},
{
"name": "14326",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14326"
}
]
}
} }

32
2014/10xxx/CVE-2014-10041.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-10041", "ID": "CVE-2014-10041",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2014/3xxx/CVE-2014-3210.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3210", "ID": "CVE-2014-3210",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in dopbs-backend-forms.php in the Booking System (Booking Calendar) plugin before 1.3 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the booking_form_id parameter to wp-admin/admin-ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140521 Wordpress Booking System (Booking Calendar) plugin SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/532168/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in dopbs-backend-forms.php in the Booking System (Booking Calendar) plugin before 1.3 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the booking_form_id parameter to wp-admin/admin-ajax.php."
{ }
"name" : "http://wordpress.org/plugins/booking-system/changelog", ]
"refsource" : "MISC", },
"url" : "http://wordpress.org/plugins/booking-system/changelog" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/126762/WordPress-Booking-System-SQL-Injection.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/126762/WordPress-Booking-System-SQL-Injection.html" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/126762/WordPress-Booking-System-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126762/WordPress-Booking-System-SQL-Injection.html"
},
{
"name": "http://wordpress.org/plugins/booking-system/changelog",
"refsource": "MISC",
"url": "http://wordpress.org/plugins/booking-system/changelog"
},
{
"name": "20140521 Wordpress Booking System (Booking Calendar) plugin SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532168/100/0/threaded"
}
]
}
} }

158
2014/3xxx/CVE-2014-3327.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-3327", "ID": "CVE-2014-3327",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140806 Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140806-energywise" "lang": "eng",
}, "value": "The EnergyWise module in Cisco IOS 12.2, 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.2.xXO, 3.3.xSG, 3.4.xSG, and 3.5.xE before 3.5.3E allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCup52101."
{ }
"name" : "69066", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/69066" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030682", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030682" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "60650", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/60650" ]
}, },
{ "references": {
"name" : "ciscoios-xe-cve20143327-dos(95137)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95137" "name": "60650",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/60650"
} },
{
"name": "20140806 Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140806-energywise"
},
{
"name": "1030682",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030682"
},
{
"name": "ciscoios-xe-cve20143327-dos(95137)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95137"
},
{
"name": "69066",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69066"
}
]
}
} }

148
2014/3xxx/CVE-2014-3554.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3554", "ID": "CVE-2014-3554",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140729 CVE-2014-3554: libndp buffer overflow", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/07/29/2" "lang": "eng",
}, "value": "Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1118583", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1118583" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "68945", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68945" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "libndp-cve20143554-bo(94927)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94927" ]
} },
] "references": {
} "reference_data": [
{
"name": "[oss-security] 20140729 CVE-2014-3554: libndp buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/29/2"
},
{
"name": "libndp-cve20143554-bo(94927)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94927"
},
{
"name": "68945",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68945"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1118583",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118583"
}
]
}
} }

32
2014/3xxx/CVE-2014-3795.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-3795", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-3795",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

188
2014/4xxx/CVE-2014-4269.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-4269", "ID": "CVE-2014-4269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4270."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in the Hyperion Common Admin component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface, a different vulnerability than CVE-2014-4270."
{ }
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" ]
}, },
{ "references": {
"name" : "68577", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68577" "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
"name" : "1030579", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030579" "name": "1030579",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1030579"
"name" : "59289", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59289" "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
"name" : "oracle-cpujul2014-cve20144269(94566)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94566" "name": "oracle-cpujul2014-cve20144269(94566)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94566"
} },
{
"name": "59289",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59289"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "68577",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68577"
}
]
}
} }

208
2014/4xxx/CVE-2014-4476.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4476", "ID": "CVE-2014-4476",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/HT204243", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204243" "lang": "eng",
}, "value": "WebKit, as used in Apple iOS before 8.1.3; Apple Safari before 6.2.3, 7.x before 7.1.3, and 8.x before 8.0.3; and Apple TV before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2014-4477 and CVE-2014-4479."
{ }
"name" : "http://support.apple.com/HT204245", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/HT204245" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/HT204246", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204246" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/kb/HT204949", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/kb/HT204949" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-01-27-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" "name": "1031647",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031647"
"name" : "APPLE-SA-2015-01-27-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" "name": "http://support.apple.com/HT204245",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204245"
"name" : "APPLE-SA-2015-01-27-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html" "name": "http://support.apple.com/HT204246",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204246"
"name" : "APPLE-SA-2015-06-30-6", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html" "name": "APPLE-SA-2015-06-30-6",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
"name" : "72329", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72329" "name": "http://support.apple.com/HT204243",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204243"
"name" : "1031647", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031647" "name": "APPLE-SA-2015-01-27-2",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
} },
{
"name": "APPLE-SA-2015-01-27-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00002.html"
},
{
"name": "https://support.apple.com/kb/HT204949",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT204949"
},
{
"name": "72329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72329"
},
{
"name": "APPLE-SA-2015-01-27-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
}
]
}
} }

128
2014/8xxx/CVE-2014-8180.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-8180", "ID": "CVE-2014-8180",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod" "lang": "eng",
}, "value": "MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1301703", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1301703" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/documentation/en-us/red_hat_satellite/6.2/html/installation_guide/preparing_your_environment_for_installation#restricting_access_to_mongod"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1301703",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301703"
}
]
}
} }

128
2014/8xxx/CVE-2014-8363.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8363", "ID": "CVE-2014-8363",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/127771/WordPress-WPSS-0.62-SQL-Injection.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/127771/WordPress-WPSS-0.62-SQL-Injection.html" "lang": "eng",
}, "value": "SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for WordPress allows remote attackers to execute arbitrary SQL commands via the ss_id parameter."
{ }
"name" : "69089", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/69089" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/127771/WordPress-WPSS-0.62-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127771/WordPress-WPSS-0.62-SQL-Injection.html"
},
{
"name": "69089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69089"
}
]
}
} }

148
2014/8xxx/CVE-2014-8376.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8376", "ID": "CVE-2014-8376",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the \"Administer contexts\" Context UI module permission to inject arbitrary web script or HTML via vectors related to context settings."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/node/2324689", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2324689" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the context administration sub-panel in the Site Banner module before 7.x-4.1 for Drupal allows remote authenticated users with the \"Administer contexts\" Context UI module permission to inject arbitrary web script or HTML via vectors related to context settings."
{ }
"name" : "https://www.drupal.org/node/2324303", ]
"refsource" : "CONFIRM", },
"url" : "https://www.drupal.org/node/2324303" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "69343", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69343" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "60758", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/60758" ]
} },
] "references": {
} "reference_data": [
{
"name": "60758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60758"
},
{
"name": "https://www.drupal.org/node/2324303",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2324303"
},
{
"name": "https://www.drupal.org/node/2324689",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2324689"
},
{
"name": "69343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69343"
}
]
}
} }

128
2014/9xxx/CVE-2014-9441.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9441", "ID": "CVE-2014-9441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site scripting (XSS) attacks via the (2) ll__opt[image2_url] or (3) ll__opt[image3_url] parameter in a ll_save_settings action to wp-admin/admin-ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/129507", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/129507" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site scripting (XSS) attacks via the (2) ll__opt[image2_url] or (3) ll__opt[image3_url] parameter in a ll_save_settings action to wp-admin/admin-ajax.php."
{ }
"name" : "lightboxphoto-wordpress-multiple-csrf(99490)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99490" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "lightboxphoto-wordpress-multiple-csrf(99490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99490"
},
{
"name": "http://packetstormsecurity.com/files/129507",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129507"
}
]
}
} }

138
2014/9xxx/CVE-2014-9469.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9469", "ID": "CVE-2014-9469",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150212 CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2015/Feb/49" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3.6.7, 3.8.7, 4.2.2, 5.0.5, and 5.1.3."
{ }
"name" : "http://packetstormsecurity.com/files/130393/vBulletin-5.1.3-Cross-Site-Scripting.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/130393/vBulletin-5.1.3-Cross-Site-Scripting.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "72592", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72592" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "72592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72592"
},
{
"name": "http://packetstormsecurity.com/files/130393/vBulletin-5.1.3-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130393/vBulletin-5.1.3-Cross-Site-Scripting.html"
},
{
"name": "20150212 CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Feb/49"
}
]
}
} }

148
2014/9xxx/CVE-2014-9487.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2014-9487", "ID": "CVE-2014-9487",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. NOTE: Related to CVE-2014-2053."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[MediaWiki-announce] 20141217 MediaWiki Security and Maintenance Releases: 1.24.1, 1.23.8, 1.22.15 and 1.19.23", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-December/000173.html" "lang": "eng",
}, "value": "The getid3 library in MediaWiki before 1.24.1, 1.23.8, 1.22.15 and 1.19.23 allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack. NOTE: Related to CVE-2014-2053."
{ }
"name" : "[oss-security] 20150103 Re: CVE Request: Mediawiki security releases 1.24.1, 1.23.8, 1.22.15 and 1.19.23", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/01/03/13" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1175828", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1175828" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201502-04", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201502-04" ]
} },
] "references": {
} "reference_data": [
{
"name": "[oss-security] 20150103 Re: CVE Request: Mediawiki security releases 1.24.1, 1.23.8, 1.22.15 and 1.19.23",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/13"
},
{
"name": "GLSA-201502-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201502-04"
},
{
"name": "[MediaWiki-announce] 20141217 MediaWiki Security and Maintenance Releases: 1.24.1, 1.23.8, 1.22.15 and 1.19.23",
"refsource": "MLIST",
"url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-December/000173.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1175828",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1175828"
}
]
}
} }

178
2014/9xxx/CVE-2014-9634.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-9634", "ID": "CVE-2014-9634",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150122 Re: ping on CVE Request for jenkins-tomcat: Secure and HttpOnly flags are not, set for cookies with Jenkins on Tomcat", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/01/22/3" "lang": "eng",
}, "value": "Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session."
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1185148", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1185148" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710" ]
}, },
{ "references": {
"name" : "https://issues.jenkins-ci.org/browse/JENKINS-25019", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.jenkins-ci.org/browse/JENKINS-25019" "name": "[oss-security] 20150122 Re: ping on CVE Request for jenkins-tomcat: Secure and HttpOnly flags are not, set for cookies with Jenkins on Tomcat",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/01/22/3"
"name" : "https://jenkins.io/changelog-old/", },
"refsource" : "CONFIRM", {
"url" : "https://jenkins.io/changelog-old/" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185148",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185148"
"name" : "72054", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72054" "name": "https://jenkins.io/changelog-old/",
} "refsource": "CONFIRM",
] "url": "https://jenkins.io/changelog-old/"
} },
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682"
},
{
"name": "https://issues.jenkins-ci.org/browse/JENKINS-25019",
"refsource": "CONFIRM",
"url": "https://issues.jenkins-ci.org/browse/JENKINS-25019"
},
{
"name": "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710",
"refsource": "CONFIRM",
"url": "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710"
},
{
"name": "72054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72054"
}
]
}
} }

188
2014/9xxx/CVE-2014-9639.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-9639", "ID": "CVE-2014-9639",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150119 vorbis-tools issues", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2015/Jan/78" "lang": "eng",
}, "value": "Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access."
{ }
"name" : "[oss-security] 20150121 CVE request: two issues in vorbis-tools", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/01/21/5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/01/22/9" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://trac.xiph.org/ticket/2136", ]
"refsource" : "MISC", }
"url" : "https://trac.xiph.org/ticket/2136" ]
}, },
{ "references": {
"name" : "FEDORA-2015-2330", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html" "name": "72295",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/72295"
"name" : "FEDORA-2015-2335", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html" "name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
"name" : "openSUSE-SU-2015:0522", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html" "name": "FEDORA-2015-2335",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
"name" : "72295", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72295" "name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
} },
{
"name": "openSUSE-SU-2015:0522",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"name": "https://trac.xiph.org/ticket/2136",
"refsource": "MISC",
"url": "https://trac.xiph.org/ticket/2136"
},
{
"name": "FEDORA-2015-2330",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
}
]
}
} }

138
2014/9xxx/CVE-2014-9892.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2014-9892", "ID": "CVE-2014-9892",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-08-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-08-01.html" "lang": "eng",
}, "value": "The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=591b1f455c32206704cbcf426bb30911c260c33e", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=591b1f455c32206704cbcf426bb30911c260c33e" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92222", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92222" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name": "92222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92222"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=591b1f455c32206704cbcf426bb30911c260c33e",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=591b1f455c32206704cbcf426bb30911c260c33e"
}
]
}
} }

118
2016/2xxx/CVE-2016-2028.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2028", "ID": "CVE-2016-2028",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4357."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" "lang": "eng",
} "value": "HPE Matrix Operating Environment before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-4357."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
}
]
}
} }

118
2016/2xxx/CVE-2016-2467.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-2467", "ID": "CVE-2016-2467",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-06-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-06-01.html" "lang": "eng",
} "value": "The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-06-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-06-01.html"
}
]
}
} }

32
2016/2xxx/CVE-2016-2633.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2633", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2633",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

32
2016/2xxx/CVE-2016-2764.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2764", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2764",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

158
2016/3xxx/CVE-2016-3037.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-3037", "ID": "CVE-2016-3037",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cognos TM1", "product_name": "Cognos TM1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.1" "version_value": "10.1"
}, },
{ {
"version_value" : "10.1.1" "version_value": "10.1.1"
}, },
{ {
"version_value" : "10.2.0.2" "version_value": "10.2.0.2"
}, },
{ {
"version_value" : "10.2.2" "version_value": "10.2.2"
}, },
{ {
"version_value" : "10.1.1.2" "version_value": "10.1.1.2"
}, },
{ {
"version_value" : "10.2" "version_value": "10.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session key. An authenticated attacker with user interaction could obtain this sensitive information. IBM X-Force ID: 114613."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21999649", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21999649" "lang": "eng",
}, "value": "IBM Cognos TM1 10.1 and 10.2 provides a service to return the victim's password with a valid session key. An authenticated attacker with user interaction could obtain this sensitive information. IBM X-Force ID: 114613."
{ }
"name" : "97917", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97917" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999649",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999649"
},
{
"name": "97917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97917"
}
]
}
} }

138
2016/3xxx/CVE-2016-3903.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-3903", "ID": "CVE-2016-3903",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29513227 and Qualcomm internal bug CR 1040857."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-10-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-10-01.html" "lang": "eng",
}, "value": "drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm camera driver in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 29513227 and Qualcomm internal bug CR 1040857."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=b8874573428e8ce024f57c6242d662fcca5e5d55", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=b8874573428e8ce024f57c6242d662fcca5e5d55" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93322", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93322" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93322"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=b8874573428e8ce024f57c6242d662fcca5e5d55",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=b8874573428e8ce024f57c6242d662fcca5e5d55"
}
]
}
} }

140
2016/6xxx/CVE-2016-6033.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-6033", "ID": "CVE-2016-6033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Tivoli Storage Manager for Virtual Environments", "product_name": "Tivoli Storage Manager for Virtual Environments",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.3" "version_value": "6.3"
}, },
{ {
"version_value" : "6.4" "version_value": "6.4"
}, },
{ {
"version_value" : "7.1" "version_value": "7.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1995545."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21995545", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21995545" "lang": "eng",
}, "value": "IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1995545."
{ }
"name" : "95102", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95102" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95102",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95102"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995545",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995545"
}
]
}
} }

138
2016/6xxx/CVE-2016-6391.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-6391", "ID": "CVE-2016-6391",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160928 Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip" "lang": "eng",
}, "value": "Cisco IOS 12.2 and 15.0 through 15.3 allows remote attackers to cause a denial of service (traffic-processing outage) via a crafted series of Common Industrial Protocol (CIP) requests, aka Bug ID CSCur69036."
{ }
"name" : "93197", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93197" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036914", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036914" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1036914",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036914"
},
{
"name": "93197",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93197"
},
{
"name": "20160928 Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-cip"
}
]
}
} }

32
2016/6xxx/CVE-2016-6907.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6907", "ID": "CVE-2016-6907",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/7xxx/CVE-2016-7105.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7105", "ID": "CVE-2016-7105",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2016/7xxx/CVE-2016-7145.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7145", "ID": "CVE-2016-7145",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160905 Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/09/05/9" "lang": "eng",
}, "value": "The m_authenticate function in ircd/m_authenticate.c in nefarious2 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter."
{ }
"name" : "https://github.com/evilnet/nefarious2/commit/f50a84bad996d438e7b31b9e74c32a41e43f8be5", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/evilnet/nefarious2/commit/f50a84bad996d438e7b31b9e74c32a41e43f8be5" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/evilnet/nefarious2/commit/f50a84bad996d438e7b31b9e74c32a41e43f8be5",
"refsource": "CONFIRM",
"url": "https://github.com/evilnet/nefarious2/commit/f50a84bad996d438e7b31b9e74c32a41e43f8be5"
},
{
"name": "[oss-security] 20160905 Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/05/9"
}
]
}
} }

32
2016/7xxx/CVE-2016-7310.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7310", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7310",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

32
2016/7xxx/CVE-2016-7337.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7337", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7337",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

188
2016/7xxx/CVE-2016-7952.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2016-7952", "ID": "CVE-2016-7952",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/4" "lang": "eng",
}, "value": "X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data."
{ }
"name" : "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/10/04/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries", "description": [
"refsource" : "MLIST", {
"url" : "https://lists.x.org/archives/xorg-announce/2016-October/002720.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3", ]
"refsource" : "CONFIRM", }
"url" : "https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3" ]
}, },
{ "references": {
"name" : "FEDORA-2016-c1d4b1df79", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFLHX7WNEUXXDAGR324T35L5P6RRR7GE/" "name": "1036945",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036945"
"name" : "FEDORA-2016-e6ba110670", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVEUZRHYY3AJEKMFQ4DS7DX3Y2AICFP7/" "name": "FEDORA-2016-c1d4b1df79",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AFLHX7WNEUXXDAGR324T35L5P6RRR7GE/"
"name" : "93375", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93375" "name": "93375",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93375"
"name" : "1036945", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036945" "name": "https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3",
} "refsource": "CONFIRM",
] "url": "https://cgit.freedesktop.org/xorg/lib/libXtst/commit/?id=9556ad67af3129ec4a7a4f4b54a0d59701beeae3"
} },
{
"name": "[xorg-announce] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "https://lists.x.org/archives/xorg-announce/2016-October/002720.html"
},
{
"name": "[oss-security] 20161004 Re: X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/4"
},
{
"name": "FEDORA-2016-e6ba110670",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVEUZRHYY3AJEKMFQ4DS7DX3Y2AICFP7/"
},
{
"name": "[oss-security] 20161004 X.Org security advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/04/2"
}
]
}
} }