admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:17:20 +00:00
parent 96c0e67373
commit da30d8a7fe
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
61 changed files with 4188 additions and 4188 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
2006/0xxx/CVE-2006-0599.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2006-0599", "ID": "CVE-2006-0599",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/0003-r1472-Do-not-distinguish-between-invalid-user-name-and-invalid-password.txt?bug=349528;msg=15;att=3", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/0003-r1472-Do-not-distinguish-between-invalid-user-name-and-invalid-password.txt?bug=349528;msg=15;att=3" "lang": "eng",
}, "value": "The (1) elog.c and (2) elogd.c components in elog before 2.5.7 r1558-4 generate different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames."
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528", ]
"refsource" : "MISC", },
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-967", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-967" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16579", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/16579" ]
}, },
{ "references": {
"name" : "18783", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18783" "name": "16579",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/16579"
"name" : "elog-elog-elogd-user-enumeration(24706)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24706" "name": "elog-elog-elogd-user-enumeration(24706)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24706"
} },
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349528"
},
{
"name": "18783",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18783"
},
{
"name": "DSA-967",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-967"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi/0003-r1472-Do-not-distinguish-between-invalid-user-name-and-invalid-password.txt?bug=349528;msg=15;att=3",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/0003-r1472-Do-not-distinguish-between-invalid-user-name-and-invalid-password.txt?bug=349528;msg=15;att=3"
}
]
}
} }

168
2006/0xxx/CVE-2006-0602.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0602", "ID": "CVE-2006-0602",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Hinton Design phphg Guestbook 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) username parameter to check.php or the id parameter to (2) admin/edit_smilie.php, (3) admin/add_theme.php, (4) admin/ban_ip.php, (5) admin/add_lang.php, or (6) admin/edit_filter.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060211 [eVuln] phphg Guestbook Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/424740/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in Hinton Design phphg Guestbook 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) username parameter to check.php or the id parameter to (2) admin/edit_smilie.php, (3) admin/add_theme.php, (4) admin/ban_ip.php, (5) admin/add_lang.php, or (6) admin/edit_filter.php."
{ }
"name" : "http://evuln.com/vulns/58/summary.html", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/58/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16541", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16541" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-0480", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/0480" ]
}, },
{ "references": {
"name" : "1015620", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015620" "name": "ADV-2006-0480",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0480"
"name" : "18758", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18758" "name": "16541",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/16541"
} },
{
"name": "1015620",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015620"
},
{
"name": "http://evuln.com/vulns/58/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/58/summary.html"
},
{
"name": "18758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18758"
},
{
"name": "20060211 [eVuln] phphg Guestbook Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424740/100/0/threaded"
}
]
}
} }

148
2006/3xxx/CVE-2006-3354.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3354", "ID": "CVE-2006-3354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Filter property of an ADODB.Recordset ActiveX object to certain values multiple times, which triggers a null dereference."
{ }
"name" : "18773", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18773" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26834", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26834" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ie-adodb-recordset-dos(27596)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html",
"refsource": "MISC",
"url": "http://browserfun.blogspot.com/2006/07/mobb-1-adodbrecordset-filter-property.html"
},
{
"name": "ie-adodb-recordset-dos(27596)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27596"
},
{
"name": "18773",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18773"
},
{
"name": "26834",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26834"
}
]
}
} }

178
2006/3xxx/CVE-2006-3532.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3532", "ID": "CVE-2006-3532",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060707 Pivot <=1.30rc2 privilege escalation / remote commands execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/439495/100/0/threaded" "lang": "eng",
}, "value": "PHP file inclusion vulnerability in includes/edit_new.php in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a FTP URL or full file path in the Paths[extensions_path] parameter."
{ }
"name" : "http://retrogod.altervista.org/pivot_130RC2_xpl.html", ]
"refsource" : "MISC", },
"url" : "http://retrogod.altervista.org/pivot_130RC2_xpl.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "18881", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18881" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27512", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/27512" ]
}, },
{ "references": {
"name" : "20962", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20962" "name": "20060707 Pivot <=1.30rc2 privilege escalation / remote commands execution",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/439495/100/0/threaded"
"name" : "1214", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1214" "name": "http://retrogod.altervista.org/pivot_130RC2_xpl.html",
}, "refsource": "MISC",
{ "url": "http://retrogod.altervista.org/pivot_130RC2_xpl.html"
"name" : "pivot-editnew-file-include(27679)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27679" "name": "pivot-editnew-file-include(27679)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27679"
} },
{
"name": "20962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20962"
},
{
"name": "18881",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18881"
},
{
"name": "1214",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1214"
},
{
"name": "27512",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27512"
}
]
}
} }

168
2006/4xxx/CVE-2006-4030.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4030", "ID": "CVE-2006-4030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to \"two file exposure bugs.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285" "lang": "eng",
}, "value": "Unspecified vulnerability in the stats module in Gallery 1.5.1-RC2 and earlier allows remote attackers to obtain sensitive information via unspecified attack vectors, related to \"two file exposure bugs.\""
{ }
"name" : "DSA-1148", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2006/dsa-1148" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19453", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19453" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3250", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3250" ]
}, },
{ "references": {
"name" : "16594", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16594" "name": "19453",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/19453"
"name" : "21502", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21502" "name": "21502",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21502"
} },
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285"
},
{
"name": "ADV-2006-3250",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3250"
},
{
"name": "DSA-1148",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1148"
},
{
"name": "16594",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16594"
}
]
}
} }

158
2006/4xxx/CVE-2006-4048.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4048", "ID": "CVE-2006-4048",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the administrator. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19421", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19421" "lang": "eng",
}, "value": "Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the administrator. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
{ }
"name" : "ADV-2006-3167", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/3167" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27789", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/27789" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21347", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/21347" ]
}, },
{ "references": {
"name" : "netiouscms-sessionmgmt-session-hijacking(28264)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28264" "name": "21347",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21347"
} },
{
"name": "19421",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19421"
},
{
"name": "ADV-2006-3167",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3167"
},
{
"name": "27789",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27789"
},
{
"name": "netiouscms-sessionmgmt-session-hijacking(28264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28264"
}
]
}
} }

228
2006/4xxx/CVE-2006-4392.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4392", "ID": "CVE-2006-4392",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060929 Matasano Advisory: MacOS X Mach Exception Server Privilege Escalation", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/447396/100/0/threaded" "lang": "eng",
}, "value": "The Mach kernel, as used in operating systems including (1) Mac OS X 10.4 through 10.4.7 and (2) OpenStep before 4.2, allows local users to gain privileges via a parent process that forces an exception in a setuid child and uses Mach exception ports to modify the child's thread context and task address space in a way that causes the child to call a parent-controlled function."
{ }
"name" : "http://www.matasano.com/log/530/matasano-advisory-macos-x-mach-exception-server-privilege-escalation/", ]
"refsource" : "MISC", },
"url" : "http://www.matasano.com/log/530/matasano-advisory-macos-x-mach-exception-server-privilege-escalation/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2006-09-29", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA06-275A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-275A.html" ]
}, },
{ "references": {
"name" : "VU#838404", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/838404" "name": "20271",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20271"
"name" : "20271", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20271" "name": "1016954",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016954"
"name" : "ADV-2006-3852", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3852" "name": "22187",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22187"
"name" : "29269", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/29269" "name": "ADV-2006-3852",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3852"
"name" : "1016954", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016954" "name": "APPLE-SA-2006-09-29",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html"
"name" : "22187", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22187" "name": "20060929 Matasano Advisory: MacOS X Mach Exception Server Privilege Escalation",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/447396/100/0/threaded"
"name" : "1663", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1663" "name": "VU#838404",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/838404"
"name" : "macos-kernel-code-execution(29281)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29281" "name": "29269",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/29269"
} },
{
"name": "TA06-275A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-275A.html"
},
{
"name": "1663",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1663"
},
{
"name": "http://www.matasano.com/log/530/matasano-advisory-macos-x-mach-exception-server-privilege-escalation/",
"refsource": "MISC",
"url": "http://www.matasano.com/log/530/matasano-advisory-macos-x-mach-exception-server-privilege-escalation/"
},
{
"name": "macos-kernel-code-execution(29281)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29281"
}
]
}
} }

148
2006/4xxx/CVE-2006-4441.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4441", "ID": "CVE-2006-4441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter to (1) home.php or (2) impressum.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2006-3394", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3394" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in Ay System Solutions CMS 2.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path[ShowProcessHandle] parameter to (1) home.php or (2) impressum.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
{ }
"name" : "28246", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/28246" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "28247", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/28247" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21661", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/21661" ]
} },
] "references": {
} "reference_data": [
{
"name": "21661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21661"
},
{
"name": "ADV-2006-3394",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3394"
},
{
"name": "28246",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28246"
},
{
"name": "28247",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28247"
}
]
}
} }

158
2006/6xxx/CVE-2006-6039.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6039", "ID": "CVE-2006-6039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the edit parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2798", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2798" "lang": "eng",
}, "value": "SQL injection vulnerability in matchdetail.php in Powie's PHP MatchMaker 4.05 and earlier allows remote attackers to execute arbitrary SQL commands via the edit parameter."
{ }
"name" : "21145", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21145" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4611", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4611" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22966", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22966" ]
}, },
{ "references": {
"name" : "powies-matchdetail-sql-injection(30360)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30360" "name": "powies-matchdetail-sql-injection(30360)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30360"
} },
{
"name": "ADV-2006-4611",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4611"
},
{
"name": "22966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22966"
},
{
"name": "21145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21145"
},
{
"name": "2798",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2798"
}
]
}
} }

148
2006/6xxx/CVE-2006-6160.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6160", "ID": "CVE-2006-6160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2846", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2846" "lang": "eng",
}, "value": "SQL injection vulnerability in details.asp in Doug Luxem Liberum Help Desk 0.97.3 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
{ }
"name" : "21292", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21292" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4704", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4704" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "liberum-details-sql-injection(30485)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30485" ]
} },
] "references": {
} "reference_data": [
{
"name": "21292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21292"
},
{
"name": "liberum-details-sql-injection(30485)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30485"
},
{
"name": "ADV-2006-4704",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4704"
},
{
"name": "2846",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2846"
}
]
}
} }

128
2006/6xxx/CVE-2006-6454.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6454", "ID": "CVE-2006-6454",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2006-4905", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4905" "lang": "eng",
}, "value": "execInBackground.php in J-OWAMP Web Interface 2.1b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters to the (1) exe and (2) args parameters, which are used in an exec function call. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "jowamp-execinbackground-command-execution(30781)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30781" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "jowamp-execinbackground-command-execution(30781)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30781"
},
{
"name": "ADV-2006-4905",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4905"
}
]
}
} }

388
2006/6xxx/CVE-2006-6736.json
View File

@ -1,197 +1,197 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6736", "ID": "CVE-2006-6736",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to \"access data in other applets,\" aka \"The second issue.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=307177", "description_data": [
"refsource" : "MISC", {
"url" : "http://docs.info.apple.com/article.html?artnum=307177" "lang": "eng",
}, "value": "Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to \"access data in other applets,\" aka \"The second issue.\""
{ }
"name" : "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html", ]
"refsource" : "CONFIRM", },
"url" : "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2007-12-14", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html" ]
}, },
{ "references": {
"name" : "GLSA-200701-15", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200701-15.xml" "name": "http://docs.info.apple.com/article.html?artnum=307177",
}, "refsource": "MISC",
{ "url": "http://docs.info.apple.com/article.html?artnum=307177"
"name" : "GLSA-200702-08", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200702-08.xml" "name": "26049",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26049"
"name" : "GLSA-200705-20", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml" "name": "RHSA-2007:0062",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0062.html"
"name" : "RHSA-2007:0062", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0062.html" "name": "24099",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24099"
"name" : "RHSA-2007:0072", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0072.html" "name": "25404",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25404"
"name" : "RHSA-2007:0073", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0073.html" "name": "1017427",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017427"
"name" : "102732", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1" "name": "24189",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24189"
"name" : "SUSE-SA:2007:003", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html" "name": "ADV-2006-5075",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/5075"
"name" : "SUSE-SA:2007:010", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html" "name": "SUSE-SA:2007:045",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_45_java.html"
"name" : "SUSE-SA:2007:045", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_45_java.html" "name": "APPLE-SA-2007-12-14",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html"
"name" : "21674", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21674" "name": "SUSE-SA:2007:003",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0003.html"
"name" : "oval:org.mitre.oval:def:9729", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9729" "name": "oval:org.mitre.oval:def:9729",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9729"
"name" : "ADV-2006-5075", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/5075" "name": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html",
}, "refsource": "CONFIRM",
{ "url": "http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html"
"name" : "ADV-2007-4224", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4224" "name": "SUSE-SA:2007:010",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_10_ibmjava.html"
"name" : "1017427", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017427" "name": "26119",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26119"
"name" : "23398", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23398" "name": "RHSA-2007:0072",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0072.html"
"name" : "23650", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23650" "name": "21674",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21674"
"name" : "23835", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23835" "name": "ADV-2007-4224",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4224"
"name" : "24099", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24099" "name": "23650",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23650"
"name" : "24189", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24189" "name": "23835",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23835"
"name" : "25404", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25404" "name": "RHSA-2007:0073",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0073.html"
"name" : "26049", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26049" "name": "GLSA-200705-20",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200705-20.xml"
"name" : "26119", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26119" "name": "28115",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28115"
"name" : "28115", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28115" "name": "GLSA-200702-08",
} "refsource": "GENTOO",
] "url": "http://security.gentoo.org/glsa/glsa-200702-08.xml"
} },
{
"name": "23398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23398"
},
{
"name": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html"
},
{
"name": "102732",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1"
},
{
"name": "GLSA-200701-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-15.xml"
}
]
}
} }

138
2006/7xxx/CVE-2006-7183.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7183", "ID": "CVE-2006-7183",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2850", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2850" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in styles.php in Exhibit Engine (EE) 1.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the toroot parameter."
{ }
"name" : "21313", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21313" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "exhibitengine-styles-file-include(30516)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30516" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "21313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21313"
},
{
"name": "exhibitengine-styles-file-include(30516)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30516"
},
{
"name": "2850",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2850"
}
]
}
} }

158
2010/2xxx/CVE-2010-2002.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2002", "ID": "CVE-2010-2002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with \"administer words filtered\" privileges, to inject arbitrary web script or HTML via the word list."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/796618", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/796618" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with \"administer words filtered\" privileges, to inject arbitrary web script or HTML via the word list."
{ }
"name" : "http://drupal.org/node/796620", ]
"refsource" : "CONFIRM", },
"url" : "http://drupal.org/node/796620" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://drupal.org/node/797208", "description": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/797208" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "40119", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/40119" ]
}, },
{ "references": {
"name" : "39811", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39811" "name": "http://drupal.org/node/796618",
} "refsource": "CONFIRM",
] "url": "http://drupal.org/node/796618"
} },
{
"name": "http://drupal.org/node/797208",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/797208"
},
{
"name": "http://drupal.org/node/796620",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/796620"
},
{
"name": "39811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39811"
},
{
"name": "40119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40119"
}
]
}
} }

158
2010/2xxx/CVE-2010-2368.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2368", "ID": "CVE-2010-2368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ipa.go.jp/about/press/20101012.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.ipa.go.jp/about/press/20101012.html" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
{ }
"name" : "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#82752978", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN82752978/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "JVNDB-2010-000037", ]
"refsource" : "JVNDB", }
"url" : "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html" ]
}, },
{ "references": {
"name" : "41742", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/41742" "name": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html",
} "refsource": "CONFIRM",
] "url": "http://www7a.biglobe.ne.jp/~schezo/dll_vul.html"
} },
{
"name": "JVNDB-2010-000037",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000037.html"
},
{
"name": "JVN#82752978",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN82752978/index.html"
},
{
"name": "41742",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41742"
},
{
"name": "http://www.ipa.go.jp/about/press/20101012.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/about/press/20101012.html"
}
]
}
} }

158
2010/2xxx/CVE-2010-2961.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@ubuntu.com",
"ID" : "CVE-2010-2961", "ID": "CVE-2010-2961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807" "lang": "eng",
}, "value": "mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows local users to gain privileges by modifying this file."
{ }
"name" : "USN-985-1", ]
"refsource" : "UBUNTU", },
"url" : "http://www.ubuntu.com/usn/USN-985-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "67914", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/67914" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "41351", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/41351" ]
}, },
{ "references": {
"name" : "ADV-2010-2342", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2342" "name": "ADV-2010-2342",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2010/2342"
} },
{
"name": "67914",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/67914"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/591807"
},
{
"name": "USN-985-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-985-1"
},
{
"name": "41351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41351"
}
]
}
} }

238
2010/2xxx/CVE-2010-2969.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2969", "ID": "CVE-2010-2969",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20100701 CVE request: moin multiple XSS", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=oss-security&m=127799369406968&w=2" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487."
{ }
"name" : "[oss-security] 20100702 Re: CVE request: moin multiple XSS", ]
"refsource" : "MLIST", },
"url" : "http://marc.info/?l=oss-security&m=127809682420259&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809", "description": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://hg.moinmo.in/moin/1.7/rev/37306fba2189", ]
"refsource" : "CONFIRM", }
"url" : "http://hg.moinmo.in/moin/1.7/rev/37306fba2189" ]
}, },
{ "references": {
"name" : "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES" "name": "ADV-2010-1981",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/1981"
"name" : "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572", },
"refsource" : "CONFIRM", {
"url" : "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572" "name": "http://moinmo.in/MoinMoinRelease1.9",
}, "refsource": "CONFIRM",
{ "url": "http://moinmo.in/MoinMoinRelease1.9"
"name" : "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg", },
"refsource" : "CONFIRM", {
"url" : "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg" "name": "http://moinmo.in/SecurityFixes",
}, "refsource": "CONFIRM",
{ "url": "http://moinmo.in/SecurityFixes"
"name" : "http://moinmo.in/MoinMoinRelease1.9", },
"refsource" : "CONFIRM", {
"url" : "http://moinmo.in/MoinMoinRelease1.9" "name": "40549",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/40549"
"name" : "http://moinmo.in/SecurityFixes", },
"refsource" : "CONFIRM", {
"url" : "http://moinmo.in/SecurityFixes" "name": "DSA-2083",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2010/dsa-2083"
"name" : "DSA-2083", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2083" "name": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572",
}, "refsource": "CONFIRM",
{ "url": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572"
"name" : "40549", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40549" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809"
"name" : "40836", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40836" "name": "[oss-security] 20100701 CVE request: moin multiple XSS",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=oss-security&m=127799369406968&w=2"
"name" : "ADV-2010-1981", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1981" "name": "[oss-security] 20100702 Re: CVE request: moin multiple XSS",
} "refsource": "MLIST",
] "url": "http://marc.info/?l=oss-security&m=127809682420259&w=2"
} },
{
"name": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES",
"refsource": "CONFIRM",
"url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES"
},
{
"name": "http://hg.moinmo.in/moin/1.7/rev/37306fba2189",
"refsource": "CONFIRM",
"url": "http://hg.moinmo.in/moin/1.7/rev/37306fba2189"
},
{
"name": "40836",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40836"
},
{
"name": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg",
"refsource": "CONFIRM",
"url": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg"
}
]
}
} }

168
2010/3xxx/CVE-2010-3374.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3374", "ID": "CVE-2010-3374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms" "lang": "eng",
}, "value": "Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory."
{ }
"name" : "http://www.qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4", ]
"refsource" : "CONFIRM", },
"url" : "http://www.qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDVSA-2010:193", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:193" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43672", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/43672" ]
}, },
{ "references": {
"name" : "ADV-2010-2559", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2559" "name": "ADV-2010-2559",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2010/2559"
"name" : "ADV-2010-2560", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/2560" "name": "http://www.qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4",
} "refsource": "CONFIRM",
] "url": "http://www.qt.gitorious.org/qt-creator/qt-creator/commit/3c00715c8e90c57953ec4a8716110f6954e524e4"
} },
{
"name": "MDVSA-2010:193",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:193"
},
{
"name": "43672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43672"
},
{
"name": "ADV-2010-2560",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2560"
},
{
"name": "http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms",
"refsource": "CONFIRM",
"url": "http://qt.nokia.com/about/news/security-announcement-qt-creator-2.0.0-for-desktop-platforms"
}
]
}
} }

32
2010/3xxx/CVE-2010-3446.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3446", "ID": "CVE-2010-3446",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2011/0xxx/CVE-2011-0173.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0173", "ID": "CVE-2011-0173",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an AppleScript Studio application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4581", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4581" "lang": "eng",
}, "value": "Multiple format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 allow context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a (1) display dialog or (2) display alert command in a dialog in an AppleScript Studio application."
{ }
"name" : "APPLE-SA-2011-03-21-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}
} }

158
2011/0xxx/CVE-2011-0280.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2011-0280", "ID": "CVE-2011-0280",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMA02629", "description_data": [
"refsource" : "HP", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information."
{ }
"name" : "SSRT100381", ]
"refsource" : "HP", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46830", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46830" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43058", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/43058" ]
}, },
{ "references": {
"name" : "powermanager-unspecified-xss(66035)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66035" "name": "powermanager-unspecified-xss(66035)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66035"
} },
{
"name": "46830",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46830"
},
{
"name": "43058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43058"
},
{
"name": "HPSBMA02629",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html"
},
{
"name": "SSRT100381",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html"
}
]
}
} }

168
2011/0xxx/CVE-2011-0584.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-0584", "ID": "CVE-2011-0584",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hijack web sessions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-04.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-04.html" "lang": "eng",
}, "value": "Session fixation vulnerability in Adobe ColdFusion 8.0 through 9.0.1 allows remote attackers to hijack web sessions via unspecified vectors."
{ }
"name" : "46278", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/46278" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1025036", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025036" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43264", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/43264" ]
}, },
{ "references": {
"name" : "ADV-2011-0334", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0334" "name": "adobe-coldfusion-session-hijacking(65280)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65280"
"name" : "adobe-coldfusion-session-hijacking(65280)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65280" "name": "ADV-2011-0334",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2011/0334"
} },
{
"name": "1025036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025036"
},
{
"name": "43264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43264"
},
{
"name": "46278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46278"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-04.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-04.html"
}
]
}
} }

32
2011/0xxx/CVE-2011-0705.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-0705", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-0705",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }
} }

158
2011/1xxx/CVE-2011-1122.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1122", "ID": "CVE-2011-1122",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=71960", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=71960" "lang": "eng",
}, "value": "The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960."
{ }
"name" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46614", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46614" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:14559", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14559" ]
}, },
{ "references": {
"name" : "google-chrome-webgl-dos(65740)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65740" "name": "http://code.google.com/p/chromium/issues/detail?id=71960",
} "refsource": "CONFIRM",
] "url": "http://code.google.com/p/chromium/issues/detail?id=71960"
} },
{
"name": "google-chrome-webgl-dos(65740)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65740"
},
{
"name": "46614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46614"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html"
},
{
"name": "oval:org.mitre.oval:def:14559",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14559"
}
]
}
} }

128
2011/1xxx/CVE-2011-1262.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2011-1262", "ID": "CVE-2011-1262",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka \"HTTP Redirect Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS11-050", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050" "lang": "eng",
}, "value": "Microsoft Internet Explorer 7 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka \"HTTP Redirect Memory Corruption Vulnerability.\""
{ }
"name" : "oval:org.mitre.oval:def:12405", ]
"refsource" : "OVAL", },
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12405" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:12405",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12405"
},
{
"name": "MS11-050",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050"
}
]
}
} }

238
2011/1xxx/CVE-2011-1553.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1553", "ID": "CVE-2011-1553",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/517205/100/0/threaded" "lang": "eng",
}, "value": "Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764."
{ }
"name" : "http://www.toucan-system.com/advisories/tssa-2011-01.txt", ]
"refsource" : "MISC", },
"url" : "http://www.toucan-system.com/advisories/tssa-2011-01.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.foolabs.com/xpdf/download.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.foolabs.com/xpdf/download.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X" ]
}, },
{ "references": {
"name" : "GLSA-201701-57", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-57" "name": "43823",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43823"
"name" : "MDVSA-2012:144", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" "name": "48985",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48985"
"name" : "RHSA-2012:1201", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1201.html" "name": "8171",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/8171"
"name" : "VU#376500", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/376500" "name": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X",
}, "refsource": "CONFIRM",
{ "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
"name" : "1025266", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1025266" "name": "ADV-2011-0728",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0728"
"name" : "43823", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43823" "name": "RHSA-2012:1201",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
"name" : "48985", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48985" "name": "http://www.foolabs.com/xpdf/download.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.foolabs.com/xpdf/download.html"
"name" : "8171", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8171" "name": "http://www.toucan-system.com/advisories/tssa-2011-01.txt",
}, "refsource": "MISC",
{ "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
"name" : "ADV-2011-0728", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0728" "name": "VU#376500",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/376500"
} },
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
]
}
} }

298
2011/1xxx/CVE-2011-1957.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-1957", "ID": "CVE-2011-1957",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/05/31/20" "lang": "eng",
}, "value": "The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length."
{ }
"name" : "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2011/06/01/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues", "description": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/06/01/11" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958", ]
"refsource" : "CONFIRM", }
"url" : "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958" ]
}, },
{ "references": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2011-07.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2011-07.html" "name": "44958",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44958"
"name" : "http://www.wireshark.org/security/wnpa-sec-2011-08.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2011-08.html" "name": "FEDORA-2011-7846",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html"
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876", },
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876" "name": "http://www.wireshark.org/security/wnpa-sec-2011-07.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.wireshark.org/security/wnpa-sec-2011-07.html"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=710021", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=710021" "name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958",
}, "refsource": "CONFIRM",
{ "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=36958"
"name" : "DSA-2274", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2274" "name": "48947",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48947"
"name" : "FEDORA-2011-7821", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html" "name": "48066",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/48066"
"name" : "FEDORA-2011-7846", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html" "name": "http://www.wireshark.org/security/wnpa-sec-2011-08.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.wireshark.org/security/wnpa-sec-2011-08.html"
"name" : "FEDORA-2011-7858", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html" "name": "DSA-2274",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2011/dsa-2274"
"name" : "48066", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48066" "name": "44449",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44449"
"name" : "oval:org.mitre.oval:def:14325", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325" "name": "oval:org.mitre.oval:def:14325",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14325"
"name" : "44449", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44449" "name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/06/01/11"
"name" : "45149", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45149" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5876"
"name" : "44958", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44958" "name": "[oss-security] 20110601 Re: CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
}, "refsource": "MLIST",
{ "url": "http://openwall.com/lists/oss-security/2011/06/01/1"
"name" : "48947", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48947" "name": "FEDORA-2011-7821",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061290.html"
"name" : "wireshark-dicom-dos(67790)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790" "name": "wireshark-dicom-dos(67790)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67790"
} },
{
"name": "[oss-security] 20110531 CVE request for Wireshark 1.4.6/1.2.16 Multiple DoS issues",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/05/31/20"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=710021",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710021"
},
{
"name": "FEDORA-2011-7858",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html"
},
{
"name": "45149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45149"
}
]
}
} }

118
2011/5xxx/CVE-2011-5288.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-5288", "ID": "CVE-2011-5288",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeDify Designer 5.0.2 allow remote attackers to execute arbitrary code via a long argument to the (1) cmdExport, (2) cmdImport, (3) cmdOpen, or (4) cmdSave method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.htbridge.com/advisory/HTB23020", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.htbridge.com/advisory/HTB23020" "lang": "eng",
} "value": "Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeDify Designer 5.0.2 allow remote attackers to execute arbitrary code via a long argument to the (1) cmdExport, (2) cmdImport, (3) cmdOpen, or (4) cmdSave method."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.htbridge.com/advisory/HTB23020",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23020"
}
]
}
} }

32
2011/5xxx/CVE-2011-5371.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-5371", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-5371",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5371. Reason: This candidate is a duplicate of CVE-2012-5371. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2012-5371 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5371. Reason: This candidate is a duplicate of CVE-2012-5371. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2012-5371 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

208
2014/3xxx/CVE-2014-3179.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2014-3179", "ID": "CVE-2014-3179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.120 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.120 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=396447", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=396447" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.google.com/p/chromium/issues/detail?id=402255", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.google.com/p/chromium/issues/detail?id=402255" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=403596", ]
"refsource" : "CONFIRM", }
"url" : "https://code.google.com/p/chromium/issues/detail?id=403596" ]
}, },
{ "references": {
"name" : "https://crbug.com/411014", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://crbug.com/411014" "name": "https://code.google.com/p/chromium/issues/detail?id=402255",
}, "refsource": "CONFIRM",
{ "url": "https://code.google.com/p/chromium/issues/detail?id=402255"
"name" : "DSA-3039", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-3039" "name": "GLSA-201409-06",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201409-06.xml"
"name" : "GLSA-201409-06", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201409-06.xml" "name": "https://crbug.com/411014",
}, "refsource": "CONFIRM",
{ "url": "https://crbug.com/411014"
"name" : "69710", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69710" "name": "69710",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/69710"
"name" : "61446", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61446" "name": "https://code.google.com/p/chromium/issues/detail?id=396447",
}, "refsource": "CONFIRM",
{ "url": "https://code.google.com/p/chromium/issues/detail?id=396447"
"name" : "google-chrome-cve20143179-unspec(95816)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95816" "name": "google-chrome-cve20143179-unspec(95816)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95816"
} },
{
"name": "https://code.google.com/p/chromium/issues/detail?id=403596",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=403596"
},
{
"name": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html"
},
{
"name": "61446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61446"
},
{
"name": "DSA-3039",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3039"
}
]
}
} }

32
2014/3xxx/CVE-2014-3622.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3622", "ID": "CVE-2014-3622",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2014/3xxx/CVE-2014-3699.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3699", "ID": "CVE-2014-3699",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2014/3xxx/CVE-2014-3974.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3974", "ID": "CVE-2014-3974",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "33555", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/33555" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter."
{ }
"name" : "http://bot24.blogspot.com/2014/05/auracms-30-cross-site-scripting-local.html", ]
"refsource" : "MISC", },
"url" : "http://bot24.blogspot.com/2014/05/auracms-30-cross-site-scripting-local.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/126843/AuraCMS-3.0-Cross-Site-Scripting-Local-File-Inclusion.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/126843/AuraCMS-3.0-Cross-Site-Scripting-Local-File-Inclusion.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "107554", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/show/osvdb/107554" ]
}, },
{ "references": {
"name" : "58850", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/58850" "name": "33555",
} "refsource": "EXPLOIT-DB",
] "url": "http://www.exploit-db.com/exploits/33555"
} },
{
"name": "http://packetstormsecurity.com/files/126843/AuraCMS-3.0-Cross-Site-Scripting-Local-File-Inclusion.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126843/AuraCMS-3.0-Cross-Site-Scripting-Local-File-Inclusion.html"
},
{
"name": "58850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58850"
},
{
"name": "http://bot24.blogspot.com/2014/05/auracms-30-cross-site-scripting-local.html",
"refsource": "MISC",
"url": "http://bot24.blogspot.com/2014/05/auracms-30-cross-site-scripting-local.html"
},
{
"name": "107554",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/107554"
}
]
}
} }

32
2014/6xxx/CVE-2014-6026.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6026", "ID": "CVE-2014-6026",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2014/6xxx/CVE-2014-6243.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6243", "ID": "CVE-2014-6243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngout error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141008 Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/533641/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the EWWW Image Optimizer plugin before 2.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the error parameter in the ewww-image-optimizer.php page to wp-admin/options-general.php, which is not properly handled in a pngout error message."
{ }
"name" : "https://www.htbridge.com/advisory/HTB23234", ]
"refsource" : "MISC", },
"url" : "https://www.htbridge.com/advisory/HTB23234" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/128621/WordPress-EWWW-Image-Optimizer-2.0.1-Cross-Site-Scripting.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/128621/WordPress-EWWW-Image-Optimizer-2.0.1-Cross-Site-Scripting.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://wordpress.org/plugins/ewww-image-optimizer/changelog", ]
"refsource" : "CONFIRM", }
"url" : "https://wordpress.org/plugins/ewww-image-optimizer/changelog" ]
}, },
{ "references": {
"name" : "70190", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70190" "name": "70190",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/70190"
} },
{
"name": "20141008 Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533641/100/0/threaded"
},
{
"name": "https://wordpress.org/plugins/ewww-image-optimizer/changelog",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/ewww-image-optimizer/changelog"
},
{
"name": "http://packetstormsecurity.com/files/128621/WordPress-EWWW-Image-Optimizer-2.0.1-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128621/WordPress-EWWW-Image-Optimizer-2.0.1-Cross-Site-Scripting.html"
},
{
"name": "https://www.htbridge.com/advisory/HTB23234",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23234"
}
]
}
} }

158
2014/6xxx/CVE-2014-6485.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-6485", "ID": "CVE-2014-6485",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 8u20 and JavaFX 2.2.65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 8u20 and JavaFX 2.2.65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."
{ }
"name" : "GLSA-201502-12", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "70519", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70519" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "61632", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/61632" ]
}, },
{ "references": {
"name" : "61609", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61609" "name": "61609",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/61609"
} },
{
"name": "70519",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70519"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "61632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61632"
}
]
}
} }

138
2014/7xxx/CVE-2014-7323.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7323", "ID": "CVE-2014-7323",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Dignity Dialogue (aka com.magzter.dignitydialogue) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Dignity Dialogue (aka com.magzter.dignitydialogue) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#942769", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/942769" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#942769",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/942769"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

32
2014/7xxx/CVE-2014-7479.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-7479", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-7479",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

138
2014/7xxx/CVE-2014-7535.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7535", "ID": "CVE-2014-7535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Classic Racer (aka com.triactivemedia.classicracer) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Classic Racer (aka com.triactivemedia.classicracer) application @7F0801AA for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#945849", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/945849" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#945849",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/945849"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

138
2014/7xxx/CVE-2014-7744.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7744", "ID": "CVE-2014-7744",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Musulmanin.com (aka com.wSalyafiyailimurdjiya) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Musulmanin.com (aka com.wSalyafiyailimurdjiya) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#789913", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/789913" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#789913",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/789913"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

148
2014/8xxx/CVE-2014-8032.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-8032", "ID": "CVE-2014-8032",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150108 Cisco WebEx Meetings Server Password Encryption Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8032" "lang": "eng",
}, "value": "The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449."
{ }
"name" : "71947", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/71947" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031517", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031517" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cisco-webex-cve20148032-info-disc(100564)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100564" ]
} },
] "references": {
} "reference_data": [
{
"name": "1031517",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031517"
},
{
"name": "20150108 Cisco WebEx Meetings Server Password Encryption Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8032"
},
{
"name": "cisco-webex-cve20148032-info-disc(100564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100564"
},
{
"name": "71947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71947"
}
]
}
} }

32
2014/8xxx/CVE-2014-8649.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-8649", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-8649",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

32
2014/8xxx/CVE-2014-8880.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8880", "ID": "CVE-2014-8880",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2016/2xxx/CVE-2016-2149.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-2149", "ID": "CVE-2016-2149",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another namespace by using the same name as a previously deleted namespace when creating a new namespace."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "RHSA-2016:1064", "description_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1064" "lang": "eng",
} "value": "Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another namespace by using the same name as a previously deleted namespace when creating a new namespace."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:1064",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1064"
}
]
}
} }

188
2016/2xxx/CVE-2016-2170.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-2170", "ID": "CVE-2016-2170",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160408 CVE-2016-2170: Apache OFBiz information disclosure vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/538034/100/0/threaded" "lang": "eng",
}, "value": "Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
{ }
"name" : "http://packetstormsecurity.com/files/136639/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/136639/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ofbiz.apache.org/download.html#vulnerabilities", "description": [
"refsource" : "CONFIRM", {
"url" : "http://ofbiz.apache.org/download.html#vulnerabilities" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04", ]
"refsource" : "CONFIRM", }
"url" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04" ]
}, },
{ "references": {
"name" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07" "name": "http://ofbiz.apache.org/download.html#vulnerabilities",
}, "refsource": "CONFIRM",
{ "url": "http://ofbiz.apache.org/download.html#vulnerabilities"
"name" : "https://cwiki.apache.org/confluence/display/OFBIZ/The+infamous+Java+serialization+vulnerability", },
"refsource" : "CONFIRM", {
"url" : "https://cwiki.apache.org/confluence/display/OFBIZ/The+infamous+Java+serialization+vulnerability" "name": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04",
}, "refsource": "CONFIRM",
{ "url": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_12_04"
"name" : "https://issues.apache.org/jira/browse/OFBIZ-6726", },
"refsource" : "CONFIRM", {
"url" : "https://issues.apache.org/jira/browse/OFBIZ-6726" "name": "1035513",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035513"
"name" : "1035513", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035513" "name": "https://issues.apache.org/jira/browse/OFBIZ-6726",
} "refsource": "CONFIRM",
] "url": "https://issues.apache.org/jira/browse/OFBIZ-6726"
} },
{
"name": "https://cwiki.apache.org/confluence/display/OFBIZ/The+infamous+Java+serialization+vulnerability",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/OFBIZ/The+infamous+Java+serialization+vulnerability"
},
{
"name": "20160408 CVE-2016-2170: Apache OFBiz information disclosure vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538034/100/0/threaded"
},
{
"name": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07",
"refsource": "CONFIRM",
"url": "https://blogs.apache.org/ofbiz/entry/announce_apache_ofbiz_13_07"
},
{
"name": "http://packetstormsecurity.com/files/136639/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136639/Apache-OFBiz-13.07.02-13.07.01-Information-Disclosure.html"
}
]
}
} }

138
2016/2xxx/CVE-2016-2232.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2232", "ID": "CVE-2016-2232",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error correcting redundancy packet for a UDPTL FAX packet that is lost."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://downloads.asterisk.org/pub/security/AST-2016-003.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://downloads.asterisk.org/pub/security/AST-2016-003.html" "lang": "eng",
}, "value": "Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3 allow remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a zero length error correcting redundancy packet for a UDPTL FAX packet that is lost."
{ }
"name" : "DSA-3700", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2016/dsa-3700" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034931", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034931" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://downloads.asterisk.org/pub/security/AST-2016-003.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2016-003.html"
},
{
"name": "1034931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034931"
},
{
"name": "DSA-3700",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3700"
}
]
}
} }

118
2016/2xxx/CVE-2016-2291.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-2291", "ID": "CVE-2016-2291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allow remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01" "lang": "eng",
} "value": "Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allow remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-096-01"
}
]
}
} }

32
2016/2xxx/CVE-2016-2752.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-2752", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-2752",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

128
2017/1001xxx/CVE-2017-1001004.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "josh@bress.net",
"ID" : "CVE-2017-1001004", "ID": "CVE-2017-1001004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "typed-function", "product_name": "typed-function",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "0.10.6" "version_value": "0.10.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "typed-function" "vendor_name": "typed-function"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/josdejong/typed-function/blob/master/HISTORY.md#2017-11-18-version-0106", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/josdejong/typed-function/blob/master/HISTORY.md#2017-11-18-version-0106" "lang": "eng",
}, "value": "typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution."
{ }
"name" : "https://github.com/josdejong/typed-function/commit/6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/josdejong/typed-function/commit/6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/josdejong/typed-function/commit/6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe",
"refsource": "CONFIRM",
"url": "https://github.com/josdejong/typed-function/commit/6478ef4f2c3f3c2d9f2c820e2db4b4ba3425e6fe"
},
{
"name": "https://github.com/josdejong/typed-function/blob/master/HISTORY.md#2017-11-18-version-0106",
"refsource": "CONFIRM",
"url": "https://github.com/josdejong/typed-function/blob/master/HISTORY.md#2017-11-18-version-0106"
}
]
}
} }

130
2017/18xxx/CVE-2017-18135.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2017-18135", "ID": "CVE-2017-18135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile", "product_name": "Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850" "version_value": "MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, in the Wireless Data Service (WDS) module, a buffer overflow can occur."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input in Data"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, in the Wireless Data Service (WDS) module, a buffer overflow can occur."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Buffer Copy without Checking Size of Input in Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
} }

238
2017/18xxx/CVE-2017-18208.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-18208", "ID": "CVE-2017-18208",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91", "description_data": [
"refsource" : "MISC", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91" "lang": "eng",
}, "value": "The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping."
{ }
"name" : "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91", ]
"refsource" : "MISC", },
"url" : "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4", "description": [
"refsource" : "MISC", {
"url" : "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2018:2948", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2018:2948" ]
}, },
{ "references": {
"name" : "RHSA-2018:3083", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3083" "name": "RHSA-2018:3083",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3083"
"name" : "RHSA-2018:3096", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3096" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91",
}, "refsource": "MISC",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
"name" : "USN-3619-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3619-1/" "name": "USN-3619-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3619-2/"
"name" : "USN-3619-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3619-2/" "name": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4",
}, "refsource": "MISC",
{ "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4"
"name" : "USN-3653-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3653-1/" "name": "RHSA-2018:2948",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2948"
"name" : "USN-3653-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3653-2/" "name": "USN-3653-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3653-2/"
"name" : "USN-3655-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3655-2/" "name": "USN-3655-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3655-1/"
"name" : "USN-3657-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3657-1/" "name": "USN-3655-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3655-2/"
"name" : "USN-3655-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3655-1/" "name": "USN-3653-1",
} "refsource": "UBUNTU",
] "url": "https://usn.ubuntu.com/3653-1/"
} },
{
"name": "USN-3657-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3657-1/"
},
{
"name": "RHSA-2018:3096",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"name": "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/6ea8d958a2c95a1d514015d4e29ba21a8c0a1a91"
},
{
"name": "USN-3619-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3619-1/"
}
]
}
} }

32
2017/1xxx/CVE-2017-1015.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1015", "ID": "CVE-2017-1015",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

218
2017/1xxx/CVE-2017-1327.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-06-01T00:00:00", "DATE_PUBLIC": "2017-06-01T00:00:00",
"ID" : "CVE-2017-1327", "ID": "CVE-2017-1327",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iNotes", "product_name": "iNotes",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0" "version_value": "9.0"
}, },
{ {
"version_value" : "8.5.3" "version_value": "8.5.3"
}, },
{ {
"version_value" : "8.5.2" "version_value": "8.5.2"
}, },
{ {
"version_value" : "8.5.1" "version_value": "8.5.1"
}, },
{ {
"version_value" : "8.5" "version_value": "8.5"
}, },
{ {
"version_value" : "8.5.3.6" "version_value": "8.5.3.6"
}, },
{ {
"version_value" : "9.0.1" "version_value": "9.0.1"
}, },
{ {
"version_value" : "8.5.1.5" "version_value": "8.5.1.5"
}, },
{ {
"version_value" : "8.5.2.4" "version_value": "8.5.2.4"
}, },
{ {
"version_value" : "8.5.2.1" "version_value": "8.5.2.1"
}, },
{ {
"version_value" : "8.5.3.1" "version_value": "8.5.3.1"
}, },
{ {
"version_value" : "9.0.1.1" "version_value": "9.0.1.1"
}, },
{ {
"version_value" : "8.5.1.1" "version_value": "8.5.1.1"
}, },
{ {
"version_value" : "9.0.1.8" "version_value": "9.0.1.8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062" "lang": "eng",
}, "value": "IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126062."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22003664", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22003664" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "100139", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100139" "lang": "eng",
} "value": "Cross-Site Scripting"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22003664",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22003664"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126062"
},
{
"name": "100139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100139"
}
]
}
} }

32
2017/1xxx/CVE-2017-1709.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1709", "ID": "CVE-2017-1709",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2017/1xxx/CVE-2017-1788.json
View File

@ -1,88 +1,88 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-03-14T00:00:00", "DATE_PUBLIC": "2018-03-14T00:00:00",
"ID" : "CVE-2017-1788", "ID": "CVE-2017-1788",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebSphere Application Server", "product_name": "WebSphere Application Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9" "version_value": "9"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Application Server 9 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 137031."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"UI" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137031", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/137031" "lang": "eng",
}, "value": "IBM WebSphere Application Server 9 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 137031."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22012341", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22012341" "impact": {
}, "cvssv3": {
{ "BM": {
"name" : "103497", "A": "N",
"refsource" : "BID", "AC": "L",
"url" : "http://www.securityfocus.com/bid/103497" "AV": "N",
} "C": "L",
] "I": "N",
} "PR": "N",
"S": "U",
"SCORE": "5.300",
"UI": "N"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137031",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/137031"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22012341",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22012341"
},
{
"name": "103497",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103497"
}
]
}
} }

32
2017/1xxx/CVE-2017-1888.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1888", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1888",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

168
2017/5xxx/CVE-2017-5093.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2017-5093", "ID": "CVE-2017-5093",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android", "product_name": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android" "version_value": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Inappropriate implementation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Inappropriate implementation in modal dialog handling in Blink in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to prevent a full screen warning from being displayed via a crafted HTML page."
{ }
"name" : "https://crbug.com/550017", ]
"refsource" : "MISC", },
"url" : "https://crbug.com/550017" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3926", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3926" "lang": "eng",
}, "value": "Inappropriate implementation"
{ }
"name" : "GLSA-201709-15", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201709-15" ]
}, },
{ "references": {
"name" : "RHSA-2017:1833", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1833" "name": "https://crbug.com/550017",
}, "refsource": "MISC",
{ "url": "https://crbug.com/550017"
"name" : "99950", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99950" "name": "GLSA-201709-15",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201709-15"
} },
{
"name": "DSA-3926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3926"
},
{
"name": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
},
{
"name": "99950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99950"
},
{
"name": "RHSA-2017:1833",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1833"
}
]
}
} }

32
2017/5xxx/CVE-2017-5213.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5213", "ID": "CVE-2017-5213",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2017/5xxx/CVE-2017-5804.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-04-18T00:00:00", "DATE_PUBLIC": "2017-04-18T00:00:00",
"ID" : "CVE-2017-5804", "ID": "CVE-2017-5804",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intelligent Management Center (iMC) PLAT", "product_name": "Intelligent Management Center (iMC) PLAT",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "v7.2" "version_value": "v7.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us" "lang": "eng",
}, "value": "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found."
{ }
"name" : "98088", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98088" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038377", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038377" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1038377",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038377"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03738en_us"
},
{
"name": "98088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98088"
}
]
}
} }

178
2017/5xxx/CVE-2017-5930.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2017-5930", "ID": "CVE-2017-5930",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20170207 Re: CVE request: PostfixAdmin allows to delete protected aliases", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2017/02/08/1" "lang": "eng",
}, "value": "The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check."
{ }
"name" : "[oss-security] 20170209 Re: CVE request: PostfixAdmin allows to delete protected aliases", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2017/02/09/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[postfixadmin-devel] 20170204 Security hole in AliasHandler", "description": [
"refsource" : "MLIST", {
"url" : "https://sourceforge.net/p/postfixadmin/mailman/message/35646827/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/postfixadmin/postfixadmin/blob/postfixadmin-3.0.2/CHANGELOG.TXT", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/postfixadmin/postfixadmin/blob/postfixadmin-3.0.2/CHANGELOG.TXT" ]
}, },
{ "references": {
"name" : "https://github.com/postfixadmin/postfixadmin/pull/23", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/postfixadmin/postfixadmin/pull/23" "name": "[postfixadmin-devel] 20170204 Security hole in AliasHandler",
}, "refsource": "MLIST",
{ "url": "https://sourceforge.net/p/postfixadmin/mailman/message/35646827/"
"name" : "openSUSE-SU-2017:0488", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2017-02/msg00076.html" "name": "https://github.com/postfixadmin/postfixadmin/blob/postfixadmin-3.0.2/CHANGELOG.TXT",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/postfixadmin/postfixadmin/blob/postfixadmin-3.0.2/CHANGELOG.TXT"
"name" : "96142", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96142" "name": "96142",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/96142"
} },
{
"name": "openSUSE-SU-2017:0488",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00076.html"
},
{
"name": "[oss-security] 20170207 Re: CVE request: PostfixAdmin allows to delete protected aliases",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/08/1"
},
{
"name": "https://github.com/postfixadmin/postfixadmin/pull/23",
"refsource": "CONFIRM",
"url": "https://github.com/postfixadmin/postfixadmin/pull/23"
},
{
"name": "[oss-security] 20170209 Re: CVE request: PostfixAdmin allows to delete protected aliases",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/09/1"
}
]
}
} }

32
2017/5xxx/CVE-2017-5939.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5939", "ID": "CVE-2017-5939",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }