admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:10:20 +00:00
parent c89c5ab8ee
commit e4bfa0e497
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3864 additions and 3864 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
2006/5xxx/CVE-2006-5133.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5133", "ID": "CVE-2006-5133",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have an unknown impact, possibly code execution related to input containing \"globbing chars.\"" "value": "Buffer overflow in GuildFTPd 0.999.13 allows remote attackers to have an unknown impact, possibly code execution related to input containing \"globbing chars.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060508 INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities", "name": "25721",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html" "url": "http://www.osvdb.org/25721"
}, },
{ {
"name" : "http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03", "name": "http://forums.guildftpd.com/viewtopic.php?t=452",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03" "url": "http://forums.guildftpd.com/viewtopic.php?t=452"
}, },
{ {
"name" : "http://forums.guildftpd.com/viewtopic.php?t=452", "name": "1675",
"refsource" : "CONFIRM", "refsource": "SREASON",
"url" : "http://forums.guildftpd.com/viewtopic.php?t=452" "url": "http://securityreason.com/securityalert/1675"
}, },
{ {
"name" : "25721", "name": "http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/25721" "url": "http://www.infigo.hr/hr/in_focus/advisories/INFIGO-2006-05-03"
}, },
{ {
"name" : "1675", "name": "20060508 INFIGO-2006-05-03: Multiple FTP Servers vulnerabilities",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/1675" "url": "http://archives.neohapsis.com/archives/bugtraq/2006-05/0139.html"
} }
] ]
} }

92
2006/5xxx/CVE-2006-5746.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5746", "ID": "CVE-2006-5746",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The console in AirMagnet Enterprise before 7.5 build 6307 does not properly validate the Enterprise Server certificate, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack, possibly related to the use of self-signed certificates." "value": "The console in AirMagnet Enterprise before 7.5 build 6307 does not properly validate the Enterprise Server certificate, which allows remote attackers to read network traffic via a man-in-the-middle (MITM) attack, possibly related to the use of self-signed certificates."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061018 Airmagnet management interfaces multiple vulnerabilities", "name": "29921",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/449119/100/200/threaded" "url": "http://www.osvdb.org/29921"
}, },
{ {
"name" : "20061025 Web-style Wireless IDS attacks", "name": "20061018 Airmagnet management interfaces multiple vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/449739/100/100/threaded" "url": "http://www.securityfocus.com/archive/1/449119/100/200/threaded"
}, },
{ {
"name" : "20061117 Re: Airmagnet management interfaces multiple vulnerabilities", "name": "20602",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/451978/100/100/threaded" "url": "http://www.securityfocus.com/bid/20602"
}, },
{ {
"name" : "20602", "name": "20061025 Web-style Wireless IDS attacks",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/20602" "url": "http://www.securityfocus.com/archive/1/449739/100/100/threaded"
}, },
{ {
"name" : "29921", "name": "20061117 Re: Airmagnet management interfaces multiple vulnerabilities",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/29921" "url": "http://www.securityfocus.com/archive/1/451978/100/100/threaded"
}, },
{ {
"name" : "22475", "name": "22475",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/22475" "url": "http://secunia.com/advisories/22475"
} }
] ]
} }

110
2006/5xxx/CVE-2006-5858.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5858", "ID": "CVE-2006-5858",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file." "value": "Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote attackers to read arbitrary files, list directories, or read source code via a double URL-encoded NULL byte in a ColdFusion filename, such as a CFM file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070109 Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability", "name": "http://www.adobe.com/support/security/bulletins/apsb07-02.html",
"refsource" : "IDEFENSE", "refsource": "CONFIRM",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=466" "url": "http://www.adobe.com/support/security/bulletins/apsb07-02.html"
}, },
{ {
"name" : "20070121 Adobe ColdFusion Information Disclosure", "name": "20070121 Adobe ColdFusion Information Disclosure",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/457799/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/457799/100/0/threaded"
}, },
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb07-02.html", "name": "23668",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.adobe.com/support/security/bulletins/apsb07-02.html" "url": "http://secunia.com/advisories/23668"
}, },
{ {
"name" : "21978", "name": "20070109 Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability",
"refsource" : "BID", "refsource": "IDEFENSE",
"url" : "http://www.securityfocus.com/bid/21978" "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=466"
}, },
{ {
"name" : "ADV-2007-0116", "name": "1017490",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2007/0116" "url": "http://securitytracker.com/id?1017490"
}, },
{ {
"name" : "32123", "name": "21978",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/32123" "url": "http://www.securityfocus.com/bid/21978"
}, },
{ {
"name" : "1017490", "name": "32123",
"refsource" : "SECTRACK", "refsource": "OSVDB",
"url" : "http://securitytracker.com/id?1017490" "url": "http://osvdb.org/32123"
}, },
{ {
"name" : "23668", "name": "ADV-2007-0116",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/23668" "url": "http://www.vupen.com/english/advisories/2007/0116"
}, },
{ {
"name" : "coldfusion-urlparsing-info-disclosure(31411)", "name": "coldfusion-urlparsing-info-disclosure(31411)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31411" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31411"
} }
] ]
} }

86
2007/2xxx/CVE-2007-2103.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2103", "ID": "CVE-2007-2103",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in my little forum 1.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php and (2) timedifference.php." "value": "Multiple PHP remote file inclusion vulnerabilities in my little forum 1.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) admin.php and (2) timedifference.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070416 my little forum 1.7 Remote File Include Vulnerabilitiy", "name": "2576",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/465987/100/0/threaded" "url": "http://securityreason.com/securityalert/2576"
}, },
{ {
"name" : "35402", "name": "35402",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/35402" "url": "http://osvdb.org/35402"
}, },
{ {
"name" : "35403", "name": "mylittleforum-lang-file-include(33719)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/35403" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33719"
}, },
{ {
"name" : "2576", "name": "20070416 my little forum 1.7 Remote File Include Vulnerabilitiy",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/2576" "url": "http://www.securityfocus.com/archive/1/465987/100/0/threaded"
}, },
{ {
"name" : "mylittleforum-lang-file-include(33719)", "name": "35403",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33719" "url": "http://osvdb.org/35403"
} }
] ]
} }

74
2007/2xxx/CVE-2007-2195.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2195", "ID": "CVE-2007-2195",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337." "value": "aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.securityfocus.com/data/vulnerabilities/exploits/23583.c", "name": "39116",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/data/vulnerabilities/exploits/23583.c" "url": "http://osvdb.org/39116"
}, },
{ {
"name" : "23583", "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/23583.c",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/23583" "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/23583.c"
}, },
{ {
"name" : "39116", "name": "23583",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/39116" "url": "http://www.securityfocus.com/bid/23583"
} }
] ]
} }

86
2007/2xxx/CVE-2007-2561.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2561", "ID": "CVE-2007-2561",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115." "value": "SQL injection vulnerability in index.asp in fipsCMS 2.1 allows remote attackers to execute arbitrary SQL commands via the pid parameter, a different vector than CVE-2006-6115."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070506 fipsCMS v2.1 Remote SQL injection Vulnerability", "name": "20070506 fipsCMS v2.1 Remote SQL injection Vulnerability",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/467838/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/467838/100/0/threaded"
}, },
{ {
"name" : "23850", "name": "2688",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/23850" "url": "http://securityreason.com/securityalert/2688"
}, },
{ {
"name" : "36169", "name": "fipscms-pid-sql-injection(34155)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/36169" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34155"
}, },
{ {
"name" : "2688", "name": "23850",
"refsource" : "SREASON", "refsource": "BID",
"url" : "http://securityreason.com/securityalert/2688" "url": "http://www.securityfocus.com/bid/23850"
}, },
{ {
"name" : "fipscms-pid-sql-injection(34155)", "name": "36169",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34155" "url": "http://osvdb.org/36169"
} }
] ]
} }

98
2007/2xxx/CVE-2007-2767.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2767", "ID": "CVE-2007-2767",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors." "value": "Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.opendap.org/security.html", "name": "24056",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.opendap.org/security.html" "url": "http://www.securityfocus.com/bid/24056"
}, },
{ {
"name" : "VU#671028", "name": "35486",
"refsource" : "CERT-VN", "refsource": "OSVDB",
"url" : "http://www.kb.cert.org/vuls/id/671028" "url": "http://osvdb.org/35486"
}, },
{ {
"name" : "24056", "name": "VU#671028",
"refsource" : "BID", "refsource": "CERT-VN",
"url" : "http://www.securityfocus.com/bid/24056" "url": "http://www.kb.cert.org/vuls/id/671028"
}, },
{ {
"name" : "ADV-2007-1887", "name": "ADV-2007-1887",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1887" "url": "http://www.vupen.com/english/advisories/2007/1887"
}, },
{ {
"name" : "35486", "name": "opendap-beshyrax-unspecified-info-disclosure(34410)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/35486" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34410"
}, },
{ {
"name" : "25319", "name": "http://www.opendap.org/security.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/25319" "url": "http://www.opendap.org/security.html"
}, },
{ {
"name" : "opendap-beshyrax-unspecified-info-disclosure(34410)", "name": "25319",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34410" "url": "http://secunia.com/advisories/25319"
} }
] ]
} }

98
2007/2xxx/CVE-2007-2964.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2964", "ID": "CVE-2007-2964",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs." "value": "The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.f-secure.com/security/fsc-2007-4.shtml", "name": "1018149",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.f-secure.com/security/fsc-2007-4.shtml" "url": "http://www.securitytracker.com/id?1018149"
}, },
{ {
"name" : "24233", "name": "25449",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/24233" "url": "http://secunia.com/advisories/25449"
}, },
{ {
"name" : "36723", "name": "http://www.f-secure.com/security/fsc-2007-4.shtml",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/36723" "url": "http://www.f-secure.com/security/fsc-2007-4.shtml"
}, },
{ {
"name" : "ADV-2007-1986", "name": "24233",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2007/1986" "url": "http://www.securityfocus.com/bid/24233"
}, },
{ {
"name" : "1018149", "name": "fsecure-policymanager-fsmsh-dos(34584)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id?1018149" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34584"
}, },
{ {
"name" : "25449", "name": "ADV-2007-1986",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/25449" "url": "http://www.vupen.com/english/advisories/2007/1986"
}, },
{ {
"name" : "fsecure-policymanager-fsmsh-dos(34584)", "name": "36723",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34584" "url": "http://osvdb.org/36723"
} }
] ]
} }

146
2007/3xxx/CVE-2007-3920.json
View File

@ -1,131 +1,131 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3920", "ID": "CVE-2007-3920",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069." "value": "GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=357071", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=363061",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=357071" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=363061"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=363061", "name": "oval:org.mitre.oval:def:10192",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=363061" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10192"
}, },
{ {
"name" : "FEDORA-2008-0930", "name": "FEDORA-2008-0956",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html"
}, },
{ {
"name" : "FEDORA-2008-0956", "name": "USN-537-2",
"refsource" : "FEDORA", "refsource": "UBUNTU",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html" "url": "http://www.ubuntu.com/usn/usn-537-2"
}, },
{ {
"name" : "RHSA-2008:0485", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=357071",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0485.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=357071"
}, },
{ {
"name" : "SUSE-SA:2008:027", "name": "30715",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html" "url": "http://secunia.com/advisories/30715"
}, },
{ {
"name" : "USN-537-1", "name": "gnomescreensaver-compiz-security-bypass(37410)",
"refsource" : "UBUNTU", "refsource": "XF",
"url" : "http://www.ubuntu.com/usn/usn-537-1" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37410"
}, },
{ {
"name" : "USN-537-2", "name": "SUSE-SA:2008:027",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/usn-537-2" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00002.html"
}, },
{ {
"name" : "26188", "name": "USN-537-1",
"refsource" : "BID", "refsource": "UBUNTU",
"url" : "http://www.securityfocus.com/bid/26188" "url": "http://www.ubuntu.com/usn/usn-537-1"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10192", "name": "FEDORA-2008-0930",
"refsource" : "OVAL", "refsource": "FEDORA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10192" "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html"
}, },
{ {
"name" : "27381", "name": "26188",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/27381" "url": "http://www.securityfocus.com/bid/26188"
}, },
{ {
"name" : "28627", "name": "RHSA-2008:0485",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/28627" "url": "http://www.redhat.com/support/errata/RHSA-2008-0485.html"
}, },
{ {
"name" : "30329", "name": "27381",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30329" "url": "http://secunia.com/advisories/27381"
}, },
{ {
"name" : "30715", "name": "28627",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30715" "url": "http://secunia.com/advisories/28627"
}, },
{ {
"name" : "gnomescreensaver-compiz-security-bypass(37410)", "name": "30329",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37410" "url": "http://secunia.com/advisories/30329"
} }
] ]
} }

146
2007/6xxx/CVE-2007-6109.json
View File

@ -1,131 +1,131 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6109", "ID": "CVE-2007-6109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line." "value": "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=200297", "name": "27965",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=200297" "url": "http://secunia.com/advisories/27965"
}, },
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=307562", "name": "USN-607-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "http://docs.info.apple.com/article.html?artnum=307562" "url": "https://usn.ubuntu.com/607-1/"
}, },
{ {
"name" : "APPLE-SA-2008-03-18", "name": "27984",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" "url": "http://secunia.com/advisories/27984"
}, },
{ {
"name" : "GLSA-200712-03", "name": "http://bugs.gentoo.org/show_bug.cgi?id=200297",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-200712-03.xml" "url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"
}, },
{ {
"name" : "MDVSA-2008:034", "name": "ADV-2008-0924",
"refsource" : "MANDRIVA", "refsource": "VUPEN",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034" "url": "http://www.vupen.com/english/advisories/2008/0924/references"
}, },
{ {
"name" : "SUSE-SR:2007:025", "name": "SUSE-SR:2007:025",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_25_sr.html" "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
}, },
{ {
"name" : "SUSE-SR:2008:003", "name": "29420",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html" "url": "http://secunia.com/advisories/29420"
}, },
{ {
"name" : "USN-607-1", "name": "APPLE-SA-2008-03-18",
"refsource" : "UBUNTU", "refsource": "APPLE",
"url" : "https://usn.ubuntu.com/607-1/" "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
}, },
{ {
"name" : "ADV-2008-0924", "name": "emacs-unspecified-bo(38904)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2008/0924/references" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"
}, },
{ {
"name" : "27984", "name": "MDVSA-2008:034",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/27984" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
}, },
{ {
"name" : "27965", "name": "30109",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/27965" "url": "http://secunia.com/advisories/30109"
}, },
{ {
"name" : "28838", "name": "GLSA-200712-03",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/28838" "url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
}, },
{ {
"name" : "29420", "name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/29420" "url": "http://docs.info.apple.com/article.html?artnum=307562"
}, },
{ {
"name" : "30109", "name": "28838",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30109" "url": "http://secunia.com/advisories/28838"
}, },
{ {
"name" : "emacs-unspecified-bo(38904)", "name": "SUSE-SR:2008:003",
"refsource" : "XF", "refsource": "SUSE",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
} }
] ]
} }

80
2007/6xxx/CVE-2007-6222.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6222", "ID": "CVE-2007-6222",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMITTOCUSTOMERS privilege to bypass intended access restrictions and edit non-active user settings. NOTE: some of these details are obtained from third party information." "value": "The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMITTOCUSTOMERS privilege to bypass intended access restrictions and edit non-active user settings. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=558602&group_id=61096", "name": "26685",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=558602&group_id=61096" "url": "http://www.securityfocus.com/bid/26685"
}, },
{ {
"name" : "26685", "name": "http://sourceforge.net/project/shownotes.php?release_id=558602&group_id=61096",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/26685" "url": "http://sourceforge.net/project/shownotes.php?release_id=558602&group_id=61096"
}, },
{ {
"name" : "27874", "name": "27874",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/27874" "url": "http://secunia.com/advisories/27874"
}, },
{ {
"name" : "crmctt-checkcustomeraccess-security-bypass(38808)", "name": "crmctt-checkcustomeraccess-security-bypass(38808)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38808" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38808"
} }
] ]
} }

110
2010/0xxx/CVE-2010-0488.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0488", "ID": "CVE-2010-0488",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified \"encoding strings,\" which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka \"Post Encoding Information Disclosure Vulnerability.\"" "value": "Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified \"encoding strings,\" which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka \"Post Encoding Information Disclosure Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS10-018", "name": "JVN#49467403",
"refsource" : "MS", "refsource": "JVN",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018" "url": "http://jvn.jp/en/jp/JVN49467403/index.html"
}, },
{ {
"name" : "TA10-068A", "name": "TA10-089A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-068A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA10-089A.html"
}, },
{ {
"name" : "TA10-089A", "name": "39028",
"refsource" : "CERT", "refsource": "BID",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-089A.html" "url": "http://www.securityfocus.com/bid/39028"
}, },
{ {
"name" : "JVN#49467403", "name": "TA10-068A",
"refsource" : "JVN", "refsource": "CERT",
"url" : "http://jvn.jp/en/jp/JVN49467403/index.html" "url": "http://www.us-cert.gov/cas/techalerts/TA10-068A.html"
}, },
{ {
"name" : "JVNDB-2010-000011", "name": "MS10-018",
"refsource" : "JVNDB", "refsource": "MS",
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000011.html" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-018"
}, },
{ {
"name" : "39028", "name": "JVNDB-2010-000011",
"refsource" : "BID", "refsource": "JVNDB",
"url" : "http://www.securityfocus.com/bid/39028" "url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000011.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:7840", "name": "ADV-2010-0744",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7840" "url": "http://www.vupen.com/english/advisories/2010/0744"
}, },
{ {
"name" : "1023773", "name": "1023773",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1023773" "url": "http://securitytracker.com/id?1023773"
}, },
{ {
"name" : "ADV-2010-0744", "name": "oval:org.mitre.oval:def:7840",
"refsource" : "VUPEN", "refsource": "OVAL",
"url" : "http://www.vupen.com/english/advisories/2010/0744" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7840"
} }
] ]
} }

74
2010/0xxx/CVE-2010-0640.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0640", "ID": "CVE-2010-0640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request." "value": "Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML detection is disabled, allows remote attackers to inject arbitrary web script or HTML via a crafted request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20100223 CA20100223-01: Security Notice for CA eHealth Performance Manager", "name": "38376",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/509714/100/0/threaded" "url": "http://www.securityfocus.com/bid/38376"
}, },
{ {
"name" : "20100223 CA20100223-01: Security Notice for CA eHealth Performance Manager", "name": "20100223 CA20100223-01: Security Notice for CA eHealth Performance Manager",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2010/Feb/415" "url": "http://seclists.org/fulldisclosure/2010/Feb/415"
}, },
{ {
"name" : "38376", "name": "20100223 CA20100223-01: Security Notice for CA eHealth Performance Manager",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/38376" "url": "http://www.securityfocus.com/archive/1/509714/100/0/threaded"
} }
] ]
} }

74
2010/1xxx/CVE-2010-1802.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-1802", "ID": "CVE-2010-1802",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com." "value": "libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT4312", "name": "1024359",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://support.apple.com/kb/HT4312" "url": "http://securitytracker.com/id?1024359"
}, },
{ {
"name" : "APPLE-SA-2010-08-24-1", "name": "APPLE-SA-2010-08-24-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html" "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
}, },
{ {
"name" : "1024359", "name": "http://support.apple.com/kb/HT4312",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1024359" "url": "http://support.apple.com/kb/HT4312"
} }
] ]
} }

86
2010/4xxx/CVE-2010-4353.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4353", "ID": "CVE-2010-4353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory." "value": "Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://gallery.menalto.com/gallery_3.0.1_released", "name": "43028",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://gallery.menalto.com/gallery_3.0.1_released" "url": "http://secunia.com/advisories/43028"
}, },
{ {
"name" : "45964", "name": "gallery-extension-file-upload(64870)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/45964" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64870"
}, },
{ {
"name" : "70628", "name": "http://gallery.menalto.com/gallery_3.0.1_released",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/70628" "url": "http://gallery.menalto.com/gallery_3.0.1_released"
}, },
{ {
"name" : "43028", "name": "70628",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/43028" "url": "http://osvdb.org/70628"
}, },
{ {
"name" : "gallery-extension-file-upload(64870)", "name": "45964",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64870" "url": "http://www.securityfocus.com/bid/45964"
} }
] ]
} }

92
2010/4xxx/CVE-2010-4748.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4748", "ID": "CVE-2010-4748",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote attackers to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information." "value": "Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote attackers to inject arbitrary web script or HTML via the from parameter to Main/WikiSandbox. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20101214 xss in PmWiki", "name": "http://www.pmwiki.org/wiki/PmWiki/ChangeLog",
"refsource" : "FULLDISC", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=full-disclosure&m=129234473228351&w=2" "url": "http://www.pmwiki.org/wiki/PmWiki/ChangeLog"
}, },
{ {
"name" : "http://packetstormsecurity.org/files/view/96687/pm-wiki-xss.txt", "name": "20101214 xss in PmWiki",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "http://packetstormsecurity.org/files/view/96687/pm-wiki-xss.txt" "url": "http://marc.info/?l=full-disclosure&m=129234473228351&w=2"
}, },
{ {
"name" : "http://www.pmwiki.org/wiki/PmWiki/ChangeLog", "name": "8113",
"refsource" : "CONFIRM", "refsource": "SREASON",
"url" : "http://www.pmwiki.org/wiki/PmWiki/ChangeLog" "url": "http://securityreason.com/securityalert/8113"
}, },
{ {
"name" : "http://www.pmwiki.org/wiki/PmWiki/ReleaseNotes", "name": "http://packetstormsecurity.org/files/view/96687/pm-wiki-xss.txt",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://www.pmwiki.org/wiki/PmWiki/ReleaseNotes" "url": "http://packetstormsecurity.org/files/view/96687/pm-wiki-xss.txt"
}, },
{ {
"name" : "42608", "name": "42608",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/42608" "url": "http://secunia.com/advisories/42608"
}, },
{ {
"name" : "8113", "name": "http://www.pmwiki.org/wiki/PmWiki/ReleaseNotes",
"refsource" : "SREASON", "refsource": "CONFIRM",
"url" : "http://securityreason.com/securityalert/8113" "url": "http://www.pmwiki.org/wiki/PmWiki/ReleaseNotes"
} }
] ]
} }

68
2010/4xxx/CVE-2010-4786.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4786", "ID": "CVE-2010-4786",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting." "value": "IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg24029672", "name": "http://www.ibm.com/support/docview.wss?uid=swg24029672",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg24029672" "url": "http://www.ibm.com/support/docview.wss?uid=swg24029672"
}, },
{ {
"name" : "IO12316", "name": "IO12316",
"refsource" : "AIXAPAR", "refsource": "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg1IO12316" "url": "http://www.ibm.com/support/docview.wss?uid=swg1IO12316"
} }
] ]
} }

74
2010/5xxx/CVE-2010-5054.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5054", "ID": "CVE-2010-5054",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Special:Login in JAMWiki before 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter." "value": "Cross-site scripting (XSS) vulnerability in Special:Login in JAMWiki before 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://jamwiki.svn.sourceforge.net/viewvc/jamwiki/wiki/branches/0.8.x/jamwiki-war/src/main/webapp/CHANGELOG.txt?view=markup&revision=2995", "name": "39225",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://jamwiki.svn.sourceforge.net/viewvc/jamwiki/wiki/branches/0.8.x/jamwiki-war/src/main/webapp/CHANGELOG.txt?view=markup&revision=2995" "url": "http://www.securityfocus.com/bid/39225"
}, },
{ {
"name" : "39225", "name": "http://jamwiki.svn.sourceforge.net/viewvc/jamwiki/wiki/branches/0.8.x/jamwiki-war/src/main/webapp/CHANGELOG.txt?view=markup&revision=2995",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/39225" "url": "http://jamwiki.svn.sourceforge.net/viewvc/jamwiki/wiki/branches/0.8.x/jamwiki-war/src/main/webapp/CHANGELOG.txt?view=markup&revision=2995"
}, },
{ {
"name" : "39335", "name": "39335",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/39335" "url": "http://secunia.com/advisories/39335"
} }
] ]
} }

110
2010/5xxx/CVE-2010-5169.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5169", "ID": "CVE-2010-5169",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** Race condition in Online Armor Premium 4.0.0.35 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute." "value": "** DISPUTED ** Race condition in Online Armor Premium 4.0.0.35 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html"
}, },
{ {
"name" : "20100505 KHOBE - 8.0 earthquake for Windows desktop security software", "name": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html" "url": "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/"
}, },
{ {
"name" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/", "name": "39924",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://countermeasures.trendmicro.eu/you-just-cant-trust-a-drunk/" "url": "http://www.securityfocus.com/bid/39924"
}, },
{ {
"name" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php", "name": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php" "url": "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
}, },
{ {
"name" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php", "name": "20100505 KHOBE - 8.0 earthquake for Windows desktop security software",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "http://matousec.com/info/articles/khobe-8.0-earthquake-for-windows-desktop-security-software.php" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-05/0066.html"
}, },
{ {
"name" : "http://www.f-secure.com/weblog/archives/00001949.html", "name": "67660",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.f-secure.com/weblog/archives/00001949.html" "url": "http://www.osvdb.org/67660"
}, },
{ {
"name" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/", "name": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/" "url": "http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/"
}, },
{ {
"name" : "39924", "name": "http://www.f-secure.com/weblog/archives/00001949.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/39924" "url": "http://www.f-secure.com/weblog/archives/00001949.html"
}, },
{ {
"name" : "67660", "name": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/67660" "url": "http://matousec.com/info/advisories/khobe-8.0-earthquake-for-windows-desktop-security-software.php"
} }
] ]
} }

74
2014/0xxx/CVE-2014-0122.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0122", "ID": "CVE-2014-0122",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by remaining in a chat session after an intra-session capability removal by an administrator." "value": "mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by remaining in a chat session after an intra-session capability removal by an administrator."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140317 Moodle security notifications public", "name": "https://moodle.org/mod/forum/discuss.php?d=256418",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://openwall.com/lists/oss-security/2014/03/17/1" "url": "https://moodle.org/mod/forum/discuss.php?d=256418"
}, },
{ {
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082", "name": "[oss-security] 20140317 Moodle security notifications public",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082" "url": "http://openwall.com/lists/oss-security/2014/03/17/1"
}, },
{ {
"name" : "https://moodle.org/mod/forum/discuss.php?d=256418", "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://moodle.org/mod/forum/discuss.php?d=256418" "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44082"
} }
] ]
} }

68
2014/0xxx/CVE-2014-0261.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-0261", "ID": "CVE-2014-0261",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remote authenticated users to cause a denial of service (instance outage) via crafted data to an Application Object Server (AOS) instance, aka \"Query Filter DoS Vulnerability.\"" "value": "Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remote authenticated users to cause a denial of service (instance outage) via crafted data to an Application Object Server (AOS) instance, aka \"Query Filter DoS Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS14-004", "name": "MS14-004",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-004" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-004"
}, },
{ {
"name" : "1029601", "name": "1029601",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029601" "url": "http://www.securitytracker.com/id/1029601"
} }
] ]
} }

98
2014/0xxx/CVE-2014-0539.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2014-0539", "ID": "CVE-2014-0539",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0537." "value": "Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0537."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-17.html", "name": "RHSA-2014:0860",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-17.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-0860.html"
}, },
{ {
"name" : "GLSA-201407-02", "name": "68454",
"refsource" : "GENTOO", "refsource": "BID",
"url" : "http://security.gentoo.org/glsa/glsa-201407-02.xml" "url": "http://www.securityfocus.com/bid/68454"
}, },
{ {
"name" : "RHSA-2014:0860", "name": "59774",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0860.html" "url": "http://secunia.com/advisories/59774"
}, },
{ {
"name" : "68454", "name": "1030533",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/68454" "url": "http://www.securitytracker.com/id/1030533"
}, },
{ {
"name" : "1030533", "name": "59837",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id/1030533" "url": "http://secunia.com/advisories/59837"
}, },
{ {
"name" : "59837", "name": "GLSA-201407-02",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/59837" "url": "http://security.gentoo.org/glsa/glsa-201407-02.xml"
}, },
{ {
"name" : "59774", "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-17.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/59774" "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-17.html"
} }
] ]
} }

92
2014/0xxx/CVE-2014-0681.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-0681", "ID": "CVE-2014-0681",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine (ISE) 1.2 patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via a report containing a crafted URL that is not properly handled during generation of report-output pages, aka Bug ID CSCui15064." "value": "Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine (ISE) 1.2 patch 2 and earlier allows remote attackers to inject arbitrary web script or HTML via a report containing a crafted URL that is not properly handled during generation of report-output pages, aka Bug ID CSCui15064."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32609", "name": "20140128 Cisco Identity Services Engine Reports Output Cross-Site Scripting Vulnerability",
"refsource" : "CONFIRM", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32609" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0681"
}, },
{ {
"name" : "20140128 Cisco Identity Services Engine Reports Output Cross-Site Scripting Vulnerability", "name": "102589",
"refsource" : "CISCO", "refsource": "OSVDB",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0681" "url": "http://osvdb.org/102589"
}, },
{ {
"name" : "65183", "name": "1029699",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/65183" "url": "http://www.securitytracker.com/id/1029699"
}, },
{ {
"name" : "102589", "name": "56714",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://osvdb.org/102589" "url": "http://secunia.com/advisories/56714"
}, },
{ {
"name" : "1029699", "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32609",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1029699" "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32609"
}, },
{ {
"name" : "56714", "name": "65183",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/56714" "url": "http://www.securityfocus.com/bid/65183"
} }
] ]
} }

22
2014/0xxx/CVE-2014-0744.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-0744", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2014-0744",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }

68
2014/0xxx/CVE-2014-0989.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-0989", "ID": "CVE-2014-0989",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter." "value": "Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01", "name": "69534",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01" "url": "http://www.securityfocus.com/bid/69534"
}, },
{ {
"name" : "69534", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/69534" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-261-01"
} }
] ]
} }

62
2014/1xxx/CVE-2014-1297.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1297", "ID": "CVE-2014-1297",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access." "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, does not properly validate WebProcess IPC messages, which allows remote attackers to bypass a sandbox protection mechanism and read arbitrary files by leveraging WebProcess access."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "APPLE-SA-2014-04-01-1", "name": "APPLE-SA-2014-04-01-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
} }
] ]
} }

92
2014/1xxx/CVE-2014-1329.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1329", "ID": "CVE-2014-1329",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1." "value": "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT6254", "name": "https://support.apple.com/kb/HT6537",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT6254" "url": "https://support.apple.com/kb/HT6537"
}, },
{ {
"name" : "https://support.apple.com/kb/HT6537", "name": "APPLE-SA-2014-06-30-4",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "https://support.apple.com/kb/HT6537" "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html"
}, },
{ {
"name" : "APPLE-SA-2014-05-21-1", "name": "http://support.apple.com/kb/HT6254",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html" "url": "http://support.apple.com/kb/HT6254"
}, },
{ {
"name" : "APPLE-SA-2014-06-30-3", "name": "APPLE-SA-2014-06-30-3",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html"
}, },
{ {
"name" : "APPLE-SA-2014-06-30-4", "name": "67553",
"refsource" : "APPLE", "refsource": "BID",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html" "url": "http://www.securityfocus.com/bid/67553"
}, },
{ {
"name" : "67553", "name": "APPLE-SA-2014-05-21-1",
"refsource" : "BID", "refsource": "APPLE",
"url" : "http://www.securityfocus.com/bid/67553" "url": "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html"
} }
] ]
} }

140
2014/1xxx/CVE-2014-1666.json
View File

@ -1,126 +1,126 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1666", "ID": "CVE-2014-1666",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors." "value": "The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service (host or guest malfunction) or possibly gain privileges via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140123 Xen Security Advisory 87 (CVE-2014-1666) - PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests", "name": "102536",
"refsource" : "MLIST", "refsource": "OSVDB",
"url" : "http://www.openwall.com/lists/oss-security/2014/01/24/6" "url": "http://osvdb.org/102536"
}, },
{ {
"name" : "http://xenbits.xen.org/xsa/xsa87-unstable-4.3.patch", "name": "65125",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://xenbits.xen.org/xsa/xsa87-unstable-4.3.patch" "url": "http://www.securityfocus.com/bid/65125"
}, },
{ {
"name" : "http://xenbits.xen.org/xsa/advisory-87.html", "name": "xen-cve20141666-priv-esc(90675)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://xenbits.xen.org/xsa/advisory-87.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90675"
}, },
{ {
"name" : "http://support.citrix.com/article/CTX200288", "name": "SUSE-SU-2014:0373",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://support.citrix.com/article/CTX200288" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html"
}, },
{ {
"name" : "FEDORA-2014-1552", "name": "FEDORA-2014-1552",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127607.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127607.html"
}, },
{ {
"name" : "FEDORA-2014-1559", "name": "http://support.citrix.com/article/CTX200288",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127580.html" "url": "http://support.citrix.com/article/CTX200288"
}, },
{ {
"name" : "GLSA-201407-03", "name": "GLSA-201407-03",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201407-03.xml" "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
}, },
{ {
"name" : "SUSE-SU-2014:0372", "name": "FEDORA-2014-1559",
"refsource" : "SUSE", "refsource": "FEDORA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127580.html"
}, },
{ {
"name" : "SUSE-SU-2014:0373", "name": "[oss-security] 20140123 Xen Security Advisory 87 (CVE-2014-1666) - PHYSDEVOP_{prepare,release}_msix exposed to unprivileged guests",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00011.html" "url": "http://www.openwall.com/lists/oss-security/2014/01/24/6"
}, },
{ {
"name" : "65125", "name": "1029684",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/65125" "url": "http://www.securitytracker.com/id/1029684"
}, },
{ {
"name" : "102536", "name": "SUSE-SU-2014:0372",
"refsource" : "OSVDB", "refsource": "SUSE",
"url" : "http://osvdb.org/102536" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00010.html"
}, },
{ {
"name" : "1029684", "name": "http://xenbits.xen.org/xsa/advisory-87.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1029684" "url": "http://xenbits.xen.org/xsa/advisory-87.html"
}, },
{ {
"name" : "56650", "name": "56650",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/56650" "url": "http://secunia.com/advisories/56650"
}, },
{ {
"name" : "xen-cve20141666-priv-esc(90675)", "name": "http://xenbits.xen.org/xsa/xsa87-unstable-4.3.patch",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90675" "url": "http://xenbits.xen.org/xsa/xsa87-unstable-4.3.patch"
} }
] ]
} }

22
2014/1xxx/CVE-2014-1897.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1897", "ID": "CVE-2014-1897",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2014/4xxx/CVE-2014-4050.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-4050", "ID": "CVE-2014-4050",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4055, and CVE-2014-4067." "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-2796, CVE-2014-2808, CVE-2014-2825, CVE-2014-4055, and CVE-2014-4067."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS14-051", "name": "1030715",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051" "url": "http://www.securitytracker.com/id/1030715"
}, },
{ {
"name" : "69125", "name": "MS14-051",
"refsource" : "BID", "refsource": "MS",
"url" : "http://www.securityfocus.com/bid/69125" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051"
}, },
{ {
"name" : "1030715", "name": "60670",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id/1030715" "url": "http://secunia.com/advisories/60670"
}, },
{ {
"name" : "60670", "name": "69125",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/60670" "url": "http://www.securityfocus.com/bid/69125"
}, },
{ {
"name" : "ms-ie-cve20144050-code-exec(94984)", "name": "ms-ie-cve20144050-code-exec(94984)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94984" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94984"
} }
] ]
} }

22
2014/4xxx/CVE-2014-4454.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-4454", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2014-4454",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }

68
2014/4xxx/CVE-2014-4521.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4521", "ID": "CVE-2014-4521",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter." "value": "Cross-site scripting (XSS) vulnerability in client-assist.php in the dsIDXpress IDX plugin before 2.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://codevigilant.com/disclosure/wp-plugin-dsidxpress-a3-cross-site-scripting-xss", "name": "http://wordpress.org/plugins/dsidxpress/changelog",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://codevigilant.com/disclosure/wp-plugin-dsidxpress-a3-cross-site-scripting-xss" "url": "http://wordpress.org/plugins/dsidxpress/changelog"
}, },
{ {
"name" : "http://wordpress.org/plugins/dsidxpress/changelog", "name": "http://codevigilant.com/disclosure/wp-plugin-dsidxpress-a3-cross-site-scripting-xss",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://wordpress.org/plugins/dsidxpress/changelog" "url": "http://codevigilant.com/disclosure/wp-plugin-dsidxpress-a3-cross-site-scripting-xss"
} }
] ]
} }

62
2014/4xxx/CVE-2014-4578.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4578", "ID": "CVE-2014-4578",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in asset-studio/icons-launcher.php in the WP App Maker plugin 1.0.16.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter." "value": "Cross-site scripting (XSS) vulnerability in asset-studio/icons-launcher.php in the WP App Maker plugin 1.0.16.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://codevigilant.com/disclosure/wp-plugin-wp-app-maker-a3-cross-site-scripting-xss", "name": "http://codevigilant.com/disclosure/wp-plugin-wp-app-maker-a3-cross-site-scripting-xss",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://codevigilant.com/disclosure/wp-plugin-wp-app-maker-a3-cross-site-scripting-xss" "url": "http://codevigilant.com/disclosure/wp-plugin-wp-app-maker-a3-cross-site-scripting-xss"
} }
] ]
} }

110
2014/4xxx/CVE-2014-4668.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4668", "ID": "CVE-2014-4668",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password." "value": "The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140628 CVE request / advisory: Cherokee", "name": "68249",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://openwall.com/lists/oss-security/2014/06/28/3" "url": "http://www.securityfocus.com/bid/68249"
}, },
{ {
"name" : "[oss-security] 20140628 Re: CVE request / advisory: Cherokee", "name": "[oss-security] 20140628 Re: CVE request / advisory: Cherokee",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/06/28/7" "url": "http://openwall.com/lists/oss-security/2014/06/28/7"
}, },
{ {
"name" : "https://github.com/cherokee/webserver/commit/fbda667221c51f0aa476a02366e0cf66cb012f88", "name": "FEDORA-2015-6392",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://github.com/cherokee/webserver/commit/fbda667221c51f0aa476a02366e0cf66cb012f88" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156190.html"
}, },
{ {
"name" : "http://advisories.mageia.org/MGASA-2015-0181.html", "name": "MDVSA-2015:225",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://advisories.mageia.org/MGASA-2015-0181.html" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:225"
}, },
{ {
"name" : "FEDORA-2015-6194", "name": "FEDORA-2015-6279",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155776.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156162.html"
}, },
{ {
"name" : "FEDORA-2015-6279", "name": "https://github.com/cherokee/webserver/commit/fbda667221c51f0aa476a02366e0cf66cb012f88",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156162.html" "url": "https://github.com/cherokee/webserver/commit/fbda667221c51f0aa476a02366e0cf66cb012f88"
}, },
{ {
"name" : "FEDORA-2015-6392", "name": "[oss-security] 20140628 CVE request / advisory: Cherokee",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156190.html" "url": "http://openwall.com/lists/oss-security/2014/06/28/3"
}, },
{ {
"name" : "MDVSA-2015:225", "name": "FEDORA-2015-6194",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:225" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155776.html"
}, },
{ {
"name" : "68249", "name": "http://advisories.mageia.org/MGASA-2015-0181.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/68249" "url": "http://advisories.mageia.org/MGASA-2015-0181.html"
} }
] ]
} }

80
2014/4xxx/CVE-2014-4785.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-4785", "ID": "CVE-2014-4785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences." "value": "Cross-site request forgery (CSRF) vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682450", "name": "ibm-imds-cve20144785-csrf(95032)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682450" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95032"
}, },
{ {
"name" : "69694", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682450",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/69694" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682450"
}, },
{ {
"name" : "60996", "name": "60996",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/60996" "url": "http://secunia.com/advisories/60996"
}, },
{ {
"name" : "ibm-imds-cve20144785-csrf(95032)", "name": "69694",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95032" "url": "http://www.securityfocus.com/bid/69694"
} }
] ]
} }

22
2014/5xxx/CVE-2014-5123.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5123", "ID": "CVE-2014-5123",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2014/5xxx/CVE-2014-5138.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5138", "ID": "CVE-2014-5138",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

224
2014/9xxx/CVE-2014-9295.json
View File

@ -1,196 +1,196 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9295", "ID": "CVE-2014-9295",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function." "value": "Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acc4dN1TbM1tRJrbPcA4yc1aTdA", "name": "20141222 Multiple Vulnerabilities in ntpd Affecting Cisco Products",
"refsource" : "CONFIRM", "refsource": "CISCO",
"url" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acc4dN1TbM1tRJrbPcA4yc1aTdA" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd"
}, },
{ {
"name" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acdf3tUSFizXcv_X4b77Jt_Y-cg", "name": "71761",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acdf3tUSFizXcv_X4b77Jt_Y-cg" "url": "http://www.securityfocus.com/bid/71761"
}, },
{ {
"name" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acf55dxKfhb6MuYQwzu8eDlS97g", "name": "HPSBGN03277",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acf55dxKfhb6MuYQwzu8eDlS97g" "url": "http://marc.info/?l=bugtraq&m=142590659431171&w=2"
}, },
{ {
"name" : "http://bugs.ntp.org/show_bug.cgi?id=2667", "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://bugs.ntp.org/show_bug.cgi?id=2667" "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232"
}, },
{ {
"name" : "http://bugs.ntp.org/show_bug.cgi?id=2668", "name": "http://bugs.ntp.org/show_bug.cgi?id=2667",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://bugs.ntp.org/show_bug.cgi?id=2668" "url": "http://bugs.ntp.org/show_bug.cgi?id=2667"
}, },
{ {
"name" : "http://bugs.ntp.org/show_bug.cgi?id=2669", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10103",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://bugs.ntp.org/show_bug.cgi?id=2669" "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10103"
}, },
{ {
"name" : "http://support.ntp.org/bin/view/Main/SecurityNotice", "name": "http://advisories.mageia.org/MGASA-2014-0541.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.ntp.org/bin/view/Main/SecurityNotice" "url": "http://advisories.mageia.org/MGASA-2014-0541.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1176037", "name": "VU#852879",
"refsource" : "CONFIRM", "refsource": "CERT-VN",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1176037" "url": "http://www.kb.cert.org/vuls/id/852879"
}, },
{ {
"name" : "http://advisories.mageia.org/MGASA-2014-0541.html", "name": "HPSBUX03240",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "http://advisories.mageia.org/MGASA-2014-0541.html" "url": "http://marc.info/?l=bugtraq&m=142853370924302&w=2"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "name": "RHSA-2014:2025",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-2025.html"
}, },
{ {
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1176037",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1176037"
}, },
{ {
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm", "name": "62209",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm" "url": "http://secunia.com/advisories/62209"
}, },
{ {
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232" "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
}, },
{ {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10103", "name": "RHSA-2015:0104",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10103" "url": "http://rhn.redhat.com/errata/RHSA-2015-0104.html"
}, },
{ {
"name" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", "name": "HPSBOV03505",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" "url": "http://marc.info/?l=bugtraq&m=144182594518755&w=2"
}, },
{ {
"name" : "20141222 Multiple Vulnerabilities in ntpd Affecting Cisco Products", "name": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acc4dN1TbM1tRJrbPcA4yc1aTdA",
"refsource" : "CISCO", "refsource": "CONFIRM",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd" "url": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acc4dN1TbM1tRJrbPcA4yc1aTdA"
}, },
{ {
"name" : "HPSBPV03266", "name": "SSRT101872",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=142469153211996&w=2" "url": "http://marc.info/?l=bugtraq&m=142853370924302&w=2"
}, },
{ {
"name" : "HPSBGN03277", "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
"refsource" : "HP", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=142590659431171&w=2" "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
}, },
{ {
"name" : "HPSBOV03505", "name": "http://bugs.ntp.org/show_bug.cgi?id=2668",
"refsource" : "HP", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=144182594518755&w=2" "url": "http://bugs.ntp.org/show_bug.cgi?id=2668"
}, },
{ {
"name" : "HPSBUX03240", "name": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acdf3tUSFizXcv_X4b77Jt_Y-cg",
"refsource" : "HP", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=142853370924302&w=2" "url": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acdf3tUSFizXcv_X4b77Jt_Y-cg"
}, },
{ {
"name" : "SSRT101872", "name": "openSUSE-SU-2014:1670",
"refsource" : "HP", "refsource": "SUSE",
"url" : "http://marc.info/?l=bugtraq&m=142853370924302&w=2" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html"
}, },
{ {
"name" : "MDVSA-2015:003", "name": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acf55dxKfhb6MuYQwzu8eDlS97g",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:003" "url": "http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acf55dxKfhb6MuYQwzu8eDlS97g"
}, },
{ {
"name" : "RHSA-2014:2025", "name": "http://support.ntp.org/bin/view/Main/SecurityNotice",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-2025.html" "url": "http://support.ntp.org/bin/view/Main/SecurityNotice"
}, },
{ {
"name" : "RHSA-2015:0104", "name": "HPSBPV03266",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0104.html" "url": "http://marc.info/?l=bugtraq&m=142469153211996&w=2"
}, },
{ {
"name" : "openSUSE-SU-2014:1670", "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html" "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783"
}, },
{ {
"name" : "VU#852879", "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm",
"refsource" : "CERT-VN", "refsource": "CONFIRM",
"url" : "http://www.kb.cert.org/vuls/id/852879" "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm"
}, },
{ {
"name" : "71761", "name": "MDVSA-2015:003",
"refsource" : "BID", "refsource": "MANDRIVA",
"url" : "http://www.securityfocus.com/bid/71761" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:003"
}, },
{ {
"name" : "62209", "name": "http://bugs.ntp.org/show_bug.cgi?id=2669",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/62209" "url": "http://bugs.ntp.org/show_bug.cgi?id=2669"
} }
] ]
} }

74
2016/3xxx/CVE-2016-3405.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3405", "ID": "CVE-2016-3405",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to affect integrity via unknown vectors, aka bugs 103961 and 104828." "value": "Multiple unspecified vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to affect integrity via unknown vectors, aka bugs 103961 and 104828."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0", "name": "95886",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0" "url": "http://www.securityfocus.com/bid/95886"
}, },
{ {
"name" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", "name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.7.0"
}, },
{ {
"name" : "95886", "name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/95886" "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"
} }
] ]
} }

122
2016/3xxx/CVE-2016-3674.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-3674", "ID": "CVE-2016-3674",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document." "value": "Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160325 CVE request - XStream: XXE vulnerability", "name": "http://x-stream.github.io/changes.html#1.4.9",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2016/03/25/8" "url": "http://x-stream.github.io/changes.html#1.4.9"
}, },
{ {
"name" : "[oss-security] 20160328 Re: CVE request - XStream: XXE vulnerability", "name": "FEDORA-2016-de909cc333",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://www.openwall.com/lists/oss-security/2016/03/28/1" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183180.html"
}, },
{ {
"name" : "http://x-stream.github.io/changes.html#1.4.9", "name": "DSA-3575",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "http://x-stream.github.io/changes.html#1.4.9" "url": "http://www.debian.org/security/2016/dsa-3575"
}, },
{ {
"name" : "https://github.com/x-stream/xstream/issues/25", "name": "RHSA-2016:2822",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://github.com/x-stream/xstream/issues/25" "url": "http://rhn.redhat.com/errata/RHSA-2016-2822.html"
}, },
{ {
"name" : "DSA-3575", "name": "85381",
"refsource" : "DEBIAN", "refsource": "BID",
"url" : "http://www.debian.org/security/2016/dsa-3575" "url": "http://www.securityfocus.com/bid/85381"
}, },
{ {
"name" : "FEDORA-2016-250042b8a6", "name": "1036419",
"refsource" : "FEDORA", "refsource": "SECTRACK",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183208.html" "url": "http://www.securitytracker.com/id/1036419"
}, },
{ {
"name" : "FEDORA-2016-de909cc333", "name": "[oss-security] 20160328 Re: CVE request - XStream: XXE vulnerability",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183180.html" "url": "http://www.openwall.com/lists/oss-security/2016/03/28/1"
}, },
{ {
"name" : "RHSA-2016:2822", "name": "RHSA-2016:2823",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2822.html" "url": "http://rhn.redhat.com/errata/RHSA-2016-2823.html"
}, },
{ {
"name" : "RHSA-2016:2823", "name": "https://github.com/x-stream/xstream/issues/25",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2823.html" "url": "https://github.com/x-stream/xstream/issues/25"
}, },
{ {
"name" : "85381", "name": "[oss-security] 20160325 CVE request - XStream: XXE vulnerability",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/85381" "url": "http://www.openwall.com/lists/oss-security/2016/03/25/8"
}, },
{ {
"name" : "1036419", "name": "FEDORA-2016-250042b8a6",
"refsource" : "SECTRACK", "refsource": "FEDORA",
"url" : "http://www.securitytracker.com/id/1036419" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183208.html"
} }
] ]
} }

92
2016/7xxx/CVE-2016-7522.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2016-7522", "ID": "CVE-2016-7522",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file." "value": "The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378751",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/22/2" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378751"
}, },
{ {
"name" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419", "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419" "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378751", "name": "https://github.com/ImageMagick/ImageMagick/issues/93",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378751" "url": "https://github.com/ImageMagick/ImageMagick/issues/93"
}, },
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58", "name": "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58" "url": "https://github.com/ImageMagick/ImageMagick/commit/4b1b9c0522628887195bad3a6723f7000b0c9a58"
}, },
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/93", "name": "93131",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/93" "url": "http://www.securityfocus.com/bid/93131"
}, },
{ {
"name" : "93131", "name": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/93131" "url": "https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1537419"
} }
] ]
} }

74
2016/7xxx/CVE-2016-7600.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-7600", "ID": "CVE-2016-7600",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the \"OpenPAM\" component, which allows local users to obtain sensitive information by leveraging mishandling of failed PAM authentication by a sandboxed app." "value": "An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the \"OpenPAM\" component, which allows local users to obtain sensitive information by leveraging mishandling of failed PAM authentication by a sandboxed app."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT207423", "name": "94903",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/HT207423" "url": "http://www.securityfocus.com/bid/94903"
}, },
{ {
"name" : "94903", "name": "1037469",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/94903" "url": "http://www.securitytracker.com/id/1037469"
}, },
{ {
"name" : "1037469", "name": "https://support.apple.com/HT207423",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037469" "url": "https://support.apple.com/HT207423"
} }
] ]
} }

86
2016/8xxx/CVE-2016-8310.json
View File

@ -1,89 +1,89 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-8310", "ID": "CVE-2016-8310",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "FLEXCUBE Universal Banking", "product_name": "FLEXCUBE Universal Banking",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "11.3.0" "version_value": "11.3.0"
}, },
{ {
"version_value" : "11.4.0" "version_value": "11.4.0"
}, },
{ {
"version_value" : "12.0.1" "version_value": "12.0.1"
}, },
{ {
"version_value" : "12.0.2" "version_value": "12.0.2"
}, },
{ {
"version_value" : "12.0.3" "version_value": "12.0.3"
}, },
{ {
"version_value" : "12.1.0" "version_value": "12.1.0"
}, },
{ {
"version_value" : "12.2.0" "version_value": "12.2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle" "vendor_name": "Oracle"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS v3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts)." "value": "Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0 and 12.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle FLEXCUBE Universal Banking. CVSS v3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", "name": "95545",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" "url": "http://www.securityfocus.com/bid/95545"
}, },
{ {
"name" : "95545", "name": "1037636",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/95545" "url": "http://www.securitytracker.com/id/1037636"
}, },
{ {
"name" : "1037636", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037636" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
} }
] ]
} }

76
2016/8xxx/CVE-2016-8420.json
View File

@ -1,74 +1,74 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-8420", "ID": "CVE-2016-8420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
}, },
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32451171. References: QC-CR#1087807." "value": "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32451171. References: QC-CR#1087807."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-02-01.html", "name": "96047",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2017-02-01.html" "url": "http://www.securityfocus.com/bid/96047"
}, },
{ {
"name" : "96047", "name": "1037798",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/96047" "url": "http://www.securitytracker.com/id/1037798"
}, },
{ {
"name" : "1037798", "name": "https://source.android.com/security/bulletin/2017-02-01.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037798" "url": "https://source.android.com/security/bulletin/2017-02-01.html"
} }
] ]
} }

62
2016/8xxx/CVE-2016-8716.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"ID" : "CVE-2016-8716", "ID": "CVE-2016-8716",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client", "product_name": "AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.1" "version_value": "1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Moxa" "vendor_name": "Moxa"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials." "value": "An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of intercepting this traffic is able to obtain valid credentials."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cleartext Transmission vulnerabilty" "value": "Cleartext Transmission vulnerabilty"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0230", "name": "http://www.talosintelligence.com/reports/TALOS-2016-0230",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0230" "url": "http://www.talosintelligence.com/reports/TALOS-2016-0230"
} }
] ]
} }

22
2016/8xxx/CVE-2016-8895.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8895", "ID": "CVE-2016-8895",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

84
2016/9xxx/CVE-2016-9158.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "productcert@siemens.com", "ASSIGNER": "productcert@siemens.com",
"ID" : "CVE-2016-9158", "ID": "CVE-2016-9158",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SIMATIC S7-300 CPU family, SIMATIC S7-400 V6 and earlier CPU family, SIMATIC S7-400 V7 CPU family", "product_name": "SIMATIC S7-300 CPU family, SIMATIC S7-400 V6 and earlier CPU family, SIMATIC S7-400 V7 CPU family",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SIMATIC S7-300 CPU family : All versions" "version_value": "SIMATIC S7-300 CPU family : All versions"
}, },
{ {
"version_value" : "SIMATIC S7-400 V6 and earlier CPU family : All versions" "version_value": "SIMATIC S7-400 V6 and earlier CPU family : All versions"
}, },
{ {
"version_value" : "SIMATIC S7-400 V7 CPU family : All versions" "version_value": "SIMATIC S7-400 V7 CPU family : All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Siemens AG" "vendor_name": "Siemens AG"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability has been identified in SIMATIC S7-300 CPU family, SIMATIC S7-400 V6 and earlier CPU family, SIMATIC S7-400 V7 CPU family. Specially crafted packets sent to port 80/tcp could cause the affected devices to go into defect mode. A cold restart is required to recover the system. This vulnerability affects all SIMATIC S7-300 PN CPUs, and all SIMATIC S7-400 PN V6 and V7 CPUs." "value": "A vulnerability has been identified in SIMATIC S7-300 CPU family, SIMATIC S7-400 V6 and earlier CPU family, SIMATIC S7-400 V7 CPU family. Specially crafted packets sent to port 80/tcp could cause the affected devices to go into defect mode. A cold restart is required to recover the system. This vulnerability affects all SIMATIC S7-300 PN CPUs, and all SIMATIC S7-400 PN V6 and V7 CPUs."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-20: Improper Input Validation" "value": "CWE-20: Improper Input Validation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-05", "name": "94820",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-05" "url": "http://www.securityfocus.com/bid/94820"
}, },
{ {
"name" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-731239.pdf", "name": "1037434",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-731239.pdf" "url": "http://www.securitytracker.com/id/1037434"
}, },
{ {
"name" : "94820", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-05",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/94820" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-05"
}, },
{ {
"name" : "1037434", "name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-731239.pdf",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037434" "url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-731239.pdf"
} }
] ]
} }

22
2016/9xxx/CVE-2016-9518.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9518", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2016-9518",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }

86
2016/9xxx/CVE-2016-9593.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "lpardo@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-9593", "ID": "CVE-2016-9593",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "foreman-debug", "product_name": "foreman-debug",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "foreman-debug 1.15.0" "version_value": "foreman-debug 1.15.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "" "vendor_name": ""
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems." "value": "foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to access those systems."
} }
] ]
}, },
"impact" : { "impact": {
"cvss" : [ "cvss": [
[ [
{ {
"vectorString" : "4.7/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "vectorString": "4.7/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0" "version": "3.0"
} }
], ],
[ [
{ {
"vectorString" : "1.5/AV:L/AC:M/Au:S/C:P/I:N/A:N", "vectorString": "1.5/AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version" : "2.0" "version": "2.0"
} }
] ]
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-522" "value": "CWE-522"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9593", "name": "94985",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9593" "url": "http://www.securityfocus.com/bid/94985"
}, },
{ {
"name" : "RHSA-2018:0336", "name": "RHSA-2018:0336",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:0336" "url": "https://access.redhat.com/errata/RHSA-2018:0336"
}, },
{ {
"name" : "94985", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9593",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/94985" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9593"
} }
] ]
} }

90
2019/2xxx/CVE-2019-2507.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2507", "ID": "CVE-2019-2507",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.6.42 and prior" "version_value": "5.6.42 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.24 and prior" "version_value": "5.7.24 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.13 and prior" "version_value": "8.0.13 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "name": "106619",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "url": "http://www.securityfocus.com/bid/106619"
}, },
{ {
"name" : "https://security.netapp.com/advisory/ntap-20190118-0002/", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20190118-0002/" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}, },
{ {
"name" : "USN-3867-1", "name": "USN-3867-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "https://usn.ubuntu.com/3867-1/" "url": "https://usn.ubuntu.com/3867-1/"
}, },
{ {
"name" : "106619", "name": "https://security.netapp.com/advisory/ntap-20190118-0002/",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/106619" "url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
} }
] ]
} }

22
2019/2xxx/CVE-2019-2558.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2558", "ID": "CVE-2019-2558",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2705.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2705", "ID": "CVE-2019-2705",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2774.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2774", "ID": "CVE-2019-2774",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2777.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2777", "ID": "CVE-2019-2777",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }