admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:44:46 +00:00
parent 401c7322da
commit e82f0f6e1b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 3996 additions and 3996 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

158
2001/1xxx/CVE-2001-1456.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1456", "ID": "CVE-2001-1456",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20011104-01-I", "description_data": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I" "lang": "eng",
}, "value": "Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message."
{ }
"name" : "CA-2001-25", ]
"refsource" : "CERT", },
"url" : "http://www.cert.org/advisories/CA-2001-25.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#206723", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/206723" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3290", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/3290" ]
}, },
{ "references": {
"name" : "gauntlet-csmap-bo(7088)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088" "name": "CA-2001-25",
} "refsource": "CERT",
] "url": "http://www.cert.org/advisories/CA-2001-25.html"
} },
{
"name": "VU#206723",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/206723"
},
{
"name": "gauntlet-csmap-bo(7088)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7088"
},
{
"name": "3290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3290"
},
{
"name": "20011104-01-I",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20011104-01-I"
}
]
}
} }

138
2001/1xxx/CVE-2001-1512.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1512", "ID": "CVE-2001-1512",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.macromedia.com/v1/handlers/index.cfm?ID=22287", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.macromedia.com/v1/handlers/index.cfm?ID=22287" "lang": "eng",
}, "value": "Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050."
{ }
"name" : "3662", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/3662" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "allaire-jrun-webinf-metainf-jsp(7677)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/7677.php" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "allaire-jrun-webinf-metainf-jsp(7677)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7677.php"
},
{
"name": "3662",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3662"
},
{
"name": "http://www.macromedia.com/v1/handlers/index.cfm?ID=22287",
"refsource": "CONFIRM",
"url": "http://www.macromedia.com/v1/handlers/index.cfm?ID=22287"
}
]
}
} }

208
2006/2xxx/CVE-2006-2148.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2148", "ID": "CVE-2006-2148",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers to execute arbitrary code via (1) cookies or (2) the query string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://cvs.cgiirc.org/chngview?cn=263", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://cvs.cgiirc.org/chngview?cn=263" "lang": "eng",
}, "value": "Multiple buffer overflows in client.c in CGI:IRC (CGIIRC) before 0.5.8 might allow remote attackers to execute arbitrary code via (1) cookies or (2) the query string."
{ }
"name" : "http://cvs.cgiirc.org/chngview?cn=283", ]
"refsource" : "CONFIRM", },
"url" : "http://cvs.cgiirc.org/chngview?cn=283" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365680", "description": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365680" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://cvs.cgiirc.org/timeline?d=300&e=2006-Apr-30&c=2&px=&s=0&dm=1&x=1&m=1", ]
"refsource" : "CONFIRM", }
"url" : "http://cvs.cgiirc.org/timeline?d=300&e=2006-Apr-30&c=2&px=&s=0&dm=1&x=1&m=1" ]
}, },
{ "references": {
"name" : "DSA-1052", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1052" "name": "ADV-2006-1607",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1607"
"name" : "17799", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17799" "name": "cgiirc-client-bo(26173)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26173"
"name" : "ADV-2006-1607", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1607" "name": "http://cvs.cgiirc.org/chngview?cn=283",
}, "refsource": "CONFIRM",
{ "url": "http://cvs.cgiirc.org/chngview?cn=283"
"name" : "19922", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19922" "name": "19985",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19985"
"name" : "19985", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19985" "name": "http://cvs.cgiirc.org/chngview?cn=263",
}, "refsource": "CONFIRM",
{ "url": "http://cvs.cgiirc.org/chngview?cn=263"
"name" : "cgiirc-client-bo(26173)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26173" "name": "19922",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19922"
} },
{
"name": "http://cvs.cgiirc.org/timeline?d=300&e=2006-Apr-30&c=2&px=&s=0&dm=1&x=1&m=1",
"refsource": "CONFIRM",
"url": "http://cvs.cgiirc.org/timeline?d=300&e=2006-Apr-30&c=2&px=&s=0&dm=1&x=1&m=1"
},
{
"name": "17799",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17799"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365680",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365680"
},
{
"name": "DSA-1052",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1052"
}
]
}
} }

178
2006/2xxx/CVE-2006-2533.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2533", "ID": "CVE-2006-2533",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060521 Destiney Rated Images Script v0.5.0 - XSS Vulnv", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/434691/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag."
{ }
"name" : "20060526 Re: Destiney Rated Images Script v0.5.0 - XSS Vulnv", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/435093/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "18070", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18070" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1927", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1927" ]
}, },
{ "references": {
"name" : "20249", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20249" "name": "20060521 Destiney Rated Images Script v0.5.0 - XSS Vulnv",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/434691/100/0/threaded"
"name" : "940", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/940" "name": "20249",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20249"
"name" : "destineyris-multiple-xss(26605)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26605" "name": "destineyris-multiple-xss(26605)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26605"
} },
{
"name": "ADV-2006-1927",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1927"
},
{
"name": "20060526 Re: Destiney Rated Images Script v0.5.0 - XSS Vulnv",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435093/100/0/threaded"
},
{
"name": "18070",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18070"
},
{
"name": "940",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/940"
}
]
}
} }

128
2006/2xxx/CVE-2006-2609.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2609", "ID": "CVE-2006-2609",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the email parameter to newsletter_log.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2006-1930", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1930" "lang": "eng",
}, "value": "artmedic newsletter 4.1.2 and possibly other versions, when register_globals is enabled, allows remote attackers to modify arbitrary files and execute arbitrary PHP code via the email parameter to newsletter_log.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "20204", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/20204" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-1930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1930"
},
{
"name": "20204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20204"
}
]
}
} }

218
2006/2xxx/CVE-2006-2841.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2841", "ID": "CVE-2006-2841",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) menu.php, (2) profile.php, (3) users.php, (4) cache_mngt.php, and (5) gallery_functions.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1858", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/1858" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in AssoCIateD (aka ACID) CMS 1.1.3 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) menu.php, (2) profile.php, (3) users.php, (4) cache_mngt.php, and (5) gallery_functions.php."
{ }
"name" : "http://sourceforge.net/forum/forum.php?forum_id=577084", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/forum/forum.php?forum_id=577084" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "18220", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18220" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-2107", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/2107" ]
}, },
{ "references": {
"name" : "26146", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26146" "name": "26148",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/26148"
"name" : "26147", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26147" "name": "associated-rootpath-file-include(26931)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26931"
"name" : "26148", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26148" "name": "20426",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20426"
"name" : "26149", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26149" "name": "1858",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/1858"
"name" : "26150", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/26150" "name": "http://sourceforge.net/forum/forum.php?forum_id=577084",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/forum/forum.php?forum_id=577084"
"name" : "20426", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20426" "name": "26147",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/26147"
"name" : "associated-rootpath-file-include(26931)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26931" "name": "26146",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/26146"
} },
{
"name": "26149",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26149"
},
{
"name": "ADV-2006-2107",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2107"
},
{
"name": "18220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18220"
},
{
"name": "26150",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26150"
}
]
}
} }

148
2006/3xxx/CVE-2006-3424.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3424", "ID": "CVE-2006-3424",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November 2005, allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060706 WebEx ActiveX Control DLL Injection", "description_data": [
"refsource" : "ISS", {
"url" : "http://xforce.iss.net/xforce/alerts/id/226" "lang": "eng",
}, "value": "Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November 2005, allow remote attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "ADV-2006-2688", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/2688" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20956", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20956" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "webex-activex-multiple-bo(27786)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27786" ]
} },
] "references": {
} "reference_data": [
{
"name": "ADV-2006-2688",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2688"
},
{
"name": "20956",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20956"
},
{
"name": "20060706 WebEx ActiveX Control DLL Injection",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/226"
},
{
"name": "webex-activex-multiple-bo(27786)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27786"
}
]
}
} }

178
2006/3xxx/CVE-2006-3452.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3452", "ID": "CVE-2006-3452",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb06-08.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb06-08.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files."
{ }
"name" : "18945", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/18945" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2758", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2758" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27157", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/27157" ]
}, },
{ "references": {
"name" : "1016473", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016473" "name": "18945",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18945"
"name" : "21016", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21016" "name": "http://www.adobe.com/support/security/bulletins/apsb06-08.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.adobe.com/support/security/bulletins/apsb06-08.html"
"name" : "acrobat-reader-insecure-permissions(27678)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27678" "name": "acrobat-reader-insecure-permissions(27678)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27678"
} },
{
"name": "ADV-2006-2758",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2758"
},
{
"name": "27157",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27157"
},
{
"name": "21016",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21016"
},
{
"name": "1016473",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016473"
}
]
}
} }

138
2006/3xxx/CVE-2006-3954.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3954", "ID": "CVE-2006-3954",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to read arbitrary files via a .. (dot dot) in the gallery parameter in a (1) avatar or (2) do_avatar action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060729 [KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/441534/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to read arbitrary files via a .. (dot dot) in the gallery parameter in a (1) avatar or (2) do_avatar action."
{ }
"name" : "19195", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/19195" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1319", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1319" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20060729 [KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441534/100/0/threaded"
},
{
"name": "1319",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1319"
},
{
"name": "19195",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19195"
}
]
}
} }

148
2006/6xxx/CVE-2006-6239.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6239", "ID": "CVE-2006-6239",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote attackers to authenticate using an empty password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mailenable.com/hotfix/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mailenable.com/hotfix/" "lang": "eng",
}, "value": "webadmin in MailEnable NetWebAdmin Professional 2.32 and Enterprise 2.32 allows remote attackers to authenticate using an empty password."
{ }
"name" : "ADV-2006-4713", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/4713" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1017287", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017287" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23105", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23105" ]
} },
] "references": {
} "reference_data": [
{
"name": "ADV-2006-4713",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4713"
},
{
"name": "23105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23105"
},
{
"name": "http://www.mailenable.com/hotfix/",
"refsource": "CONFIRM",
"url": "http://www.mailenable.com/hotfix/"
},
{
"name": "1017287",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017287"
}
]
}
} }

32
2006/6xxx/CVE-2006-6319.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6319", "ID": "CVE-2006-6319",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2006/6xxx/CVE-2006-6614.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6614", "ID": "CVE-2006-6614",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to obtain the hash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402644", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402644" "lang": "eng",
}, "value": "The save_log_local function in Fully Automatic Installation (FAI) 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to obtain the hash."
{ }
"name" : "21579", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21579" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4995", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4995" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23330", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23330" ]
}, },
{ "references": {
"name" : "fai-log-file-info-disclosure(30892)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30892" "name": "23330",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/23330"
} },
{
"name": "fai-log-file-info-disclosure(30892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30892"
},
{
"name": "ADV-2006-4995",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4995"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402644",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=402644"
},
{
"name": "21579",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21579"
}
]
}
} }

148
2006/7xxx/CVE-2006-7053.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7053", "ID": "CVE-2006-7053",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Arkoon FAST360 UTM appliances 3.0 through 3.0/29, 3.1, 3.2, and 3.3 allows remote attackers to bypass keyword filtering in the FAST HTTP module, and signatures in the IDPS HTTP module, via crafted URLs that are \"misinterpreted.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.arkoon.fr/upload/alertes/32AK-2006-01-EN-1.0_EVASION_HTTP.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.arkoon.fr/upload/alertes/32AK-2006-01-EN-1.0_EVASION_HTTP.pdf" "lang": "eng",
}, "value": "Unspecified vulnerability in Arkoon FAST360 UTM appliances 3.0 through 3.0/29, 3.1, 3.2, and 3.3 allows remote attackers to bypass keyword filtering in the FAST HTTP module, and signatures in the IDPS HTTP module, via crafted URLs that are \"misinterpreted.\""
{ }
"name" : "ADV-2006-2216", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/2216" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20570", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20570" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "fast360-http-security-bypass(27003)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27003" ]
} },
] "references": {
} "reference_data": [
{
"name": "fast360-http-security-bypass(27003)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27003"
},
{
"name": "http://www.arkoon.fr/upload/alertes/32AK-2006-01-EN-1.0_EVASION_HTTP.pdf",
"refsource": "CONFIRM",
"url": "http://www.arkoon.fr/upload/alertes/32AK-2006-01-EN-1.0_EVASION_HTTP.pdf"
},
{
"name": "ADV-2006-2216",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2216"
},
{
"name": "20570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20570"
}
]
}
} }

138
2006/7xxx/CVE-2006-7112.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7112", "ID": "CVE-2006-7112",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and include arbitrary files via the PNSVlang cookie, as demonstrated by uploading a GIF image using AddDownload or injecting PHP code into a log file, then accessing it."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2712", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2712" "lang": "eng",
}, "value": "Directory traversal vulnerability in error.php in MD-Pro 1.0.76 and earlier allows remote authenticated users to read and include arbitrary files via the PNSVlang cookie, as demonstrated by uploading a GIF image using AddDownload or injecting PHP code into a log file, then accessing it."
{ }
"name" : "20912", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20912" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "mdpro-pnsvlang-file-include(30026)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30026" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "mdpro-pnsvlang-file-include(30026)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30026"
},
{
"name": "2712",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2712"
},
{
"name": "20912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20912"
}
]
}
} }

148
2011/0xxx/CVE-2011-0229.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0229", "ID": "CVE-2011-0229",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5002", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5002" "lang": "eng",
}, "value": "Apple Type Services (ATS) in Apple Mac OS X through 10.6.8 does not properly handle embedded Type 1 fonts, which allows remote attackers to execute arbitrary code via a crafted document that triggers an out-of-bounds memory access."
{ }
"name" : "APPLE-SA-2011-10-12-3", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "50091", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/50091" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "50085", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/50085" ]
} },
] "references": {
} "reference_data": [
{
"name": "50091",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50091"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
},
{
"name": "50085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50085"
}
]
}
} }

188
2011/0xxx/CVE-2011-0311.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0311", "ID": "CVE-2011-0311",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "IZ89602", "description_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89602" "lang": "eng",
}, "value": "The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read."
{ }
"name" : "IZ89620", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89620" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "PM42551", "description": [
"refsource" : "AIXAPAR", {
"url" : "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2011:1159", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1159.html" ]
}, },
{ "references": {
"name" : "RHSA-2011:1265", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1265.html" "name": "SUSE-SU-2011:0823",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
"name" : "SUSE-SA:2011:024", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html" "name": "IZ89602",
}, "refsource": "AIXAPAR",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89602"
"name" : "SUSE-SU-2011:0823", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html" "name": "RHSA-2011:1159",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
"name" : "ibm-rjt-classfile-dos(65189)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65189" "name": "ibm-rjt-classfile-dos(65189)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65189"
} },
{
"name": "IZ89620",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89620"
},
{
"name": "PM42551",
"refsource": "AIXAPAR",
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"name": "SUSE-SA:2011:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
},
{
"name": "RHSA-2011:1265",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
}
]
}
} }

168
2011/0xxx/CVE-2011-0492.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0492", "ID": "CVE-2011-0492",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[or-announce] 20110117 Tor 0.2.1.29 is released (security patches)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://archives.seul.org/or/announce/Jan-2011/msg00000.html" "lang": "eng",
}, "value": "Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file."
{ }
"name" : "http://blog.torproject.org/blog/tor-02129-released-security-patches", ]
"refsource" : "CONFIRM", },
"url" : "http://blog.torproject.org/blog/tor-02129-released-security-patches" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/ChangeLog", "description": [
"refsource" : "CONFIRM", {
"url" : "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/ChangeLog" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://trac.torproject.org/projects/tor/ticket/2326", ]
"refsource" : "CONFIRM", }
"url" : "https://trac.torproject.org/projects/tor/ticket/2326" ]
}, },
{ "references": {
"name" : "45953", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45953" "name": "[or-announce] 20110117 Tor 0.2.1.29 is released (security patches)",
}, "refsource": "MLIST",
{ "url": "http://archives.seul.org/or/announce/Jan-2011/msg00000.html"
"name" : "tor-blobs-dos(64867)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64867" "name": "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/ChangeLog",
} "refsource": "CONFIRM",
] "url": "https://gitweb.torproject.org/tor.git/blob/refs/heads/release-0.2.2:/ChangeLog"
} },
{
"name": "http://blog.torproject.org/blog/tor-02129-released-security-patches",
"refsource": "CONFIRM",
"url": "http://blog.torproject.org/blog/tor-02129-released-security-patches"
},
{
"name": "tor-blobs-dos(64867)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64867"
},
{
"name": "https://trac.torproject.org/projects/tor/ticket/2326",
"refsource": "CONFIRM",
"url": "https://trac.torproject.org/projects/tor/ticket/2326"
},
{
"name": "45953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45953"
}
]
}
} }

238
2011/0xxx/CVE-2011-0772.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0772", "ID": "CVE-2011-0772",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110125 HTB22788: XSS in Pivotx", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/515958/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color parameter to includes/blogroll.php or (2) src parameter to includes/timwrapper.php."
{ }
"name" : "20110125 HTB22790: XSS in Pivotx", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/515964/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.htbridge.ch/advisory/xss_in_pivotx.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.htbridge.ch/advisory/xss_in_pivotx.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.htbridge.ch/advisory/xss_in_pivotx_1.html", ]
"refsource" : "MISC", }
"url" : "http://www.htbridge.ch/advisory/xss_in_pivotx_1.html" ]
}, },
{ "references": {
"name" : "http://blog.pivotx.net/archive/2011/01/11/pivotx-222-released", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://blog.pivotx.net/archive/2011/01/11/pivotx-222-released" "name": "70673",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/70673"
"name" : "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3409", },
"refsource" : "CONFIRM", {
"url" : "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3409" "name": "http://blog.pivotx.net/archive/2011/01/11/pivotx-222-released",
}, "refsource": "CONFIRM",
{ "url": "http://blog.pivotx.net/archive/2011/01/11/pivotx-222-released"
"name" : "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3410", },
"refsource" : "CONFIRM", {
"url" : "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3410" "name": "45996",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/45996"
"name" : "45996", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45996" "name": "pivotx-blogroll-xss(64975)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64975"
"name" : "70673", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/70673" "name": "43040",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43040"
"name" : "70674", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/70674" "name": "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3409",
}, "refsource": "CONFIRM",
{ "url": "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3409"
"name" : "43040", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43040" "name": "70674",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/70674"
"name" : "8062", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8062" "name": "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3410",
}, "refsource": "CONFIRM",
{ "url": "http://pivot-weblog.svn.sf.net/viewvc/pivot-weblog?view=revision&revision=3410"
"name" : "pivotx-blogroll-xss(64975)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64975" "name": "http://www.htbridge.ch/advisory/xss_in_pivotx.html",
} "refsource": "MISC",
] "url": "http://www.htbridge.ch/advisory/xss_in_pivotx.html"
} },
{
"name": "20110125 HTB22790: XSS in Pivotx",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515964/100/0/threaded"
},
{
"name": "8062",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8062"
},
{
"name": "http://www.htbridge.ch/advisory/xss_in_pivotx_1.html",
"refsource": "MISC",
"url": "http://www.htbridge.ch/advisory/xss_in_pivotx_1.html"
},
{
"name": "20110125 HTB22788: XSS in Pivotx",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515958/100/0/threaded"
}
]
}
} }

188
2011/1xxx/CVE-2011-1173.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-1173", "ID": "CVE-2011-1173",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[netdev] 20110317 [PATCH] econet: 4 byte infoleak to the network", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=linux-netdev&m=130036203528021&w=2" "lang": "eng",
}, "value": "The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.39 on the x86_64 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking (AUN) packet."
{ }
"name" : "[oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2011/03/18/15" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/03/21/4" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks", ]
"refsource" : "MLIST", }
"url" : "http://www.openwall.com/lists/oss-security/2011/03/21/1" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14", "reference_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14" "name": "[netdev] 20110317 [PATCH] econet: 4 byte infoleak to the network",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=linux-netdev&m=130036203528021&w=2"
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e", },
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e" "name": "[oss-security] 20110318 CVE request: kernel: netfilter & econet infoleaks",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2011/03/18/15"
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39", },
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=67c5c6cb8129c595f21e88254a3fc6b3b841ae8e"
"name" : "8279", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8279" "name": "8279",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/8279"
} },
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=591815#c14"
},
{
"name": "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/21/4"
},
{
"name": "[oss-security] 20110321 Re: CVE request: kernel: netfilter & econet infoleaks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/21/1"
}
]
}
} }

188
2011/1xxx/CVE-2011-1703.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-1703", "ID": "CVE-2011-1703",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110606 ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/518271/100/0/threaded" "lang": "eng",
}, "value": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url."
{ }
"name" : "http://zerodayinitiative.com/advisories/ZDI-11-176/", ]
"refsource" : "MISC", },
"url" : "http://zerodayinitiative.com/advisories/ZDI-11-176/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://download.novell.com/Download?buildid=6_bNby38ERg~", "description": [
"refsource" : "CONFIRM", {
"url" : "http://download.novell.com/Download?buildid=6_bNby38ERg~" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008727", ]
"refsource" : "CONFIRM", }
"url" : "http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008727" ]
}, },
{ "references": {
"name" : "48124", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48124" "name": "1025606",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1025606"
"name" : "1025606", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025606" "name": "http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008727",
}, "refsource": "CONFIRM",
{ "url": "http://www.novell.com/support/php/search.do?cmd=displayKC&docType=kc&externalId=7008727"
"name" : "44811", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44811" "name": "http://download.novell.com/Download?buildid=6_bNby38ERg~",
}, "refsource": "CONFIRM",
{ "url": "http://download.novell.com/Download?buildid=6_bNby38ERg~"
"name" : "novell-iprint-driverversion-bo(67878)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67878" "name": "novell-iprint-driverversion-bo(67878)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67878"
} },
{
"name": "http://zerodayinitiative.com/advisories/ZDI-11-176/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-11-176/"
},
{
"name": "44811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44811"
},
{
"name": "48124",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48124"
},
{
"name": "20110606 ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/518271/100/0/threaded"
}
]
}
} }

198
2011/2xxx/CVE-2011-2823.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2011-2823", "ID": "CVE-2011-2823",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=82552", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=82552" "lang": "eng",
}, "value": "Use-after-free vulnerability in Google Chrome before 13.0.782.215 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a line box."
{ }
"name" : "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT4981", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4981" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.apple.com/kb/HT4999", ]
"refsource" : "CONFIRM", }
"url" : "http://support.apple.com/kb/HT4999" ]
}, },
{ "references": {
"name" : "http://support.apple.com/kb/HT5000", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5000" "name": "oval:org.mitre.oval:def:13789",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13789"
"name" : "APPLE-SA-2011-10-11-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" "name": "http://code.google.com/p/chromium/issues/detail?id=82552",
}, "refsource": "CONFIRM",
{ "url": "http://code.google.com/p/chromium/issues/detail?id=82552"
"name" : "APPLE-SA-2011-10-12-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" "name": "http://support.apple.com/kb/HT4981",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT4981"
"name" : "APPLE-SA-2011-10-12-4", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html" "name": "APPLE-SA-2011-10-12-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
"name" : "oval:org.mitre.oval:def:13789", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13789" "name": "APPLE-SA-2011-10-11-1",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
} },
{
"name": "APPLE-SA-2011-10-12-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00004.html"
},
{
"name": "http://support.apple.com/kb/HT4999",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4999"
},
{
"name": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_22.html"
},
{
"name": "http://support.apple.com/kb/HT5000",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5000"
}
]
}
} }

198
2011/3xxx/CVE-2011-3106.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3106", "ID": "CVE-2011-3106",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=122654", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=122654" "lang": "eng",
}, "value": "The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201205-04", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201205-04.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "53679", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/53679" ]
}, },
{ "references": {
"name" : "82251", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/82251" "name": "GLSA-201205-04",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201205-04.xml"
"name" : "oval:org.mitre.oval:def:15470", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15470" "name": "53679",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/53679"
"name" : "1027098", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027098" "name": "http://code.google.com/p/chromium/issues/detail?id=122654",
}, "refsource": "CONFIRM",
{ "url": "http://code.google.com/p/chromium/issues/detail?id=122654"
"name" : "49277", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49277" "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html"
"name" : "49306", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49306" "name": "82251",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/82251"
} },
{
"name": "1027098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027098"
},
{
"name": "49306",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49306"
},
{
"name": "oval:org.mitre.oval:def:15470",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15470"
},
{
"name": "49277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49277"
}
]
}
} }

268
2011/3xxx/CVE-2011-3598.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-3598", "ID": "CVE-2011-3598",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20111004 CVE Request -- phpPgAdmin -- Multiple XSS flaws fixed in v5.0.3", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/10/04/1" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php."
{ }
"name" : "[oss-security] 20111004 Re: CVE Request -- phpPgAdmin -- Multiple XSS flaws fixed in v5.0.3", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2011/10/04/10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[phppgadmin-news] 20111003 [ppa-news] phpPgAdmin 5.0.3 released", "description": [
"refsource" : "MLIST", {
"url" : "http://sourceforge.net/mailarchive/forum.php?thread_name=4E897F6C.90905%40free.fr&forum_name=phppgadmin-news" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://freshmeat.net/projects/phppgadmin/releases/336969", ]
"refsource" : "CONFIRM", }
"url" : "http://freshmeat.net/projects/phppgadmin/releases/336969" ]
}, },
{ "references": {
"name" : "https://bugs.gentoo.org/show_bug.cgi?id=385505", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.gentoo.org/show_bug.cgi?id=385505" "name": "FEDORA-2011-13805",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067843.html"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=743205", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=743205" "name": "46426",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46426"
"name" : "https://github.com/phppgadmin/phppgadmin/commit/1df248203de055f97e092b50b1dd9643ccb73842", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/phppgadmin/phppgadmin/commit/1df248203de055f97e092b50b1dd9643ccb73842" "name": "[phppgadmin-news] 20111003 [ppa-news] phpPgAdmin 5.0.3 released",
}, "refsource": "MLIST",
{ "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=4E897F6C.90905%40free.fr&forum_name=phppgadmin-news"
"name" : "FEDORA-2011-13748", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068009.html" "name": "openSUSE-SU-2012:0493",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2012-04/msg00033.html"
"name" : "FEDORA-2011-13801", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067846.html" "name": "https://github.com/phppgadmin/phppgadmin/commit/1df248203de055f97e092b50b1dd9643ccb73842",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/phppgadmin/phppgadmin/commit/1df248203de055f97e092b50b1dd9643ccb73842"
"name" : "FEDORA-2011-13805", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067843.html" "name": "https://bugs.gentoo.org/show_bug.cgi?id=385505",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.gentoo.org/show_bug.cgi?id=385505"
"name" : "openSUSE-SU-2012:0493", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2012-04/msg00033.html" "name": "46248",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46248"
"name" : "49914", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/49914" "name": "75998",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/75998"
"name" : "75997", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/75997" "name": "FEDORA-2011-13801",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067846.html"
"name" : "75998", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/75998" "name": "[oss-security] 20111004 Re: CVE Request -- phpPgAdmin -- Multiple XSS flaws fixed in v5.0.3",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2011/10/04/10"
"name" : "46248", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46248" "name": "http://freshmeat.net/projects/phppgadmin/releases/336969",
}, "refsource": "CONFIRM",
{ "url": "http://freshmeat.net/projects/phppgadmin/releases/336969"
"name" : "46426", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46426" "name": "[oss-security] 20111004 CVE Request -- phpPgAdmin -- Multiple XSS flaws fixed in v5.0.3",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2011/10/04/1"
} },
{
"name": "49914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49914"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=743205",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=743205"
},
{
"name": "75997",
"refsource": "OSVDB",
"url": "http://osvdb.org/75997"
},
{
"name": "FEDORA-2011-13748",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068009.html"
}
]
}
} }

148
2011/3xxx/CVE-2011-3771.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3771", "ID": "CVE-2011-3771",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/update_smilies_1.50-1.60.php and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" "lang": "eng",
}, "value": "phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/update_smilies_1.50-1.60.php and certain other files."
{ }
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", ]
"refsource" : "MISC", },
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/phpBook-2.1.0", "description": [
"refsource" : "MISC", {
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/phpBook-2.1.0" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpbook-updatesmilies-path-disclosure(70601)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70601" ]
} },
] "references": {
} "reference_data": [
{
"name": "phpbook-updatesmilies-path-disclosure(70601)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70601"
},
{
"name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/phpBook-2.1.0",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/phpBook-2.1.0"
},
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
}
]
}
} }

228
2011/3xxx/CVE-2011-3888.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2011-3888", "ID": "CVE-2011-3888",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=99138", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=99138" "lang": "eng",
}, "value": "Use-after-free vulnerability in Google Chrome before 15.0.874.102 allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to editing operations in conjunction with an unknown plug-in."
{ }
"name" : "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2012-03-07-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2012-03-07-2", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2012-03-12-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html" "name": "google-chrome-editing-code-exec(70966)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70966"
"name" : "oval:org.mitre.oval:def:13107", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13107" "name": "apple-webkit-cve20113888-code-execution(73805)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73805"
"name" : "1026774", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026774" "name": "1026774",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1026774"
"name" : "48274", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48274" "name": "48377",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48377"
"name" : "48288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48288" "name": "oval:org.mitre.oval:def:13107",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13107"
"name" : "48377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48377" "name": "http://code.google.com/p/chromium/issues/detail?id=99138",
}, "refsource": "CONFIRM",
{ "url": "http://code.google.com/p/chromium/issues/detail?id=99138"
"name" : "google-chrome-editing-code-exec(70966)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70966" "name": "APPLE-SA-2012-03-12-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00003.html"
"name" : "apple-webkit-cve20113888-code-execution(73805)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73805" "name": "48274",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/48274"
} },
{
"name": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html"
},
{
"name": "APPLE-SA-2012-03-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00000.html"
},
{
"name": "48288",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48288"
},
{
"name": "APPLE-SA-2012-03-07-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Mar/msg00001.html"
}
]
}
} }

128
2011/4xxx/CVE-2011-4534.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2011-4534", "ID": "CVE-2011-4534",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via a series of connections and disconnections on TCP port 1101, aka Reference Number 25212."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf" "lang": "eng",
}, "value": "ZenSysSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via a series of connections and disconnections on TCP port 1101, aka Reference Number 25212."
{ }
"name" : "47892", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/47892" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf"
},
{
"name": "47892",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47892"
}
]
}
} }

128
2011/4xxx/CVE-2011-4760.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4760", "ID": "CVE-2011-4760",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by smb/email-address/list and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html" "lang": "eng",
}, "value": "Parallels Plesk Small Business Panel 10.2.0 has web pages containing e-mail addresses that are not intended for correspondence about the local application deployment, which allows remote attackers to obtain potentially sensitive information by reading a page, as demonstrated by smb/email-address/list and certain other files."
{ }
"name" : "ppsbp-lad-info-disc(72212)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72212" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ppsbp-lad-info-disc(72212)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72212"
},
{
"name": "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html",
"refsource": "MISC",
"url": "http://xss.cx/examples/plesk-reports/plesk-10.2.0.html"
}
]
}
} }

32
2011/4xxx/CVE-2011-4844.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4844", "ID": "CVE-2011-4844",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2011/4xxx/CVE-2011-4893.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-4893", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2011-4893",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2011. Notes: none."
} }
] ]
} }
} }

118
2013/5xxx/CVE-2013-5177.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-5177", "ID": "CVE-2013-5177",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2013-10-22-3", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html" "lang": "eng",
} "value": "The kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service (panic) via an invalid iovec structure."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2013-10-22-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html"
}
]
}
} }

158
2013/5xxx/CVE-2013-5197.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-5197", "ID": "CVE-2013-5197",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6162", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6162" "lang": "eng",
}, "value": "WebKit, as used in Apple Safari before 6.1.1 and 7.x before 7.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-12-16-1."
{ }
"name" : "http://support.apple.com/kb/HT6163", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT6163" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/kb/HT6537", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT6537" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2013-12-16-1", ]
"refsource" : "APPLE", }
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2013-12-16-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html" "name": "APPLE-SA-2013-12-16-1",
} "refsource": "APPLE",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0087.html"
} },
{
"name": "http://support.apple.com/kb/HT6163",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6163"
},
{
"name": "https://support.apple.com/kb/HT6537",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6537"
},
{
"name": "http://support.apple.com/kb/HT6162",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6162"
},
{
"name": "APPLE-SA-2013-12-16-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-12/0086.html"
}
]
}
} }

148
2013/5xxx/CVE-2013-5557.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2013-5557", "ID": "CVE-2013-5557",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=37383", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=37383" "lang": "eng",
}, "value": "The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577."
{ }
"name" : "20150206 Cisco Adaptive Security Appliance WebVPN Content Rewriter Denial of Service Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5557" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "72529", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72529" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "cisco-asa-cve20135557-dos(100694)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100694" ]
} },
] "references": {
} "reference_data": [
{
"name": "72529",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72529"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=37383",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=37383"
},
{
"name": "20150206 Cisco Adaptive Security Appliance WebVPN Content Rewriter Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5557"
},
{
"name": "cisco-asa-cve20135557-dos(100694)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100694"
}
]
}
} }

128
2013/5xxx/CVE-2013-5636.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5636", "ID": "CVE-2013-5636",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of itself after each few password guesses."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt" "lang": "eng",
}, "value": "Unlock.exe in Media Encryption EPM Explorer in Check Point Endpoint Security through E80.50 does not associate password failures with a device ID, which makes it easier for physically proximate attackers to bypass the device-locking protection mechanism by overwriting DVREM.EPM with a copy of itself after each few password guesses."
{ }
"name" : "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589", ]
"refsource" : "CONFIRM", },
"url" : "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt",
"refsource": "MISC",
"url": "http://www.digitalsec.net/stuff/explt+advs/CheckPoint_EndPoint_EPM_Explorer.txt"
},
{
"name": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589",
"refsource": "CONFIRM",
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk96589"
}
]
}
} }

32
2013/5xxx/CVE-2013-5689.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-5689", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2013-5689",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5688. Reason: This issue has been MERGED with CVE-2013-5688 in accordance with CVE content decisions, because it is the same type of vulnerability affecting the same versions. Notes: All CVE users should reference CVE-2013-5688 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5688. Reason: This issue has been MERGED with CVE-2013-5688 in accordance with CVE content decisions, because it is the same type of vulnerability affecting the same versions. Notes: All CVE users should reference CVE-2013-5688 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

32
2014/2xxx/CVE-2014-2930.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2930", "ID": "CVE-2014-2930",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

188
2014/6xxx/CVE-2014-6316.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6316", "ID": "CVE-2014-6316",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20141202 CVE-2014-6316: URL redirection issue in MantisBT", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/12/03/11" "lang": "eng",
}, "value": "core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php."
{ }
"name" : "[oss-security] 20141205 RE: CVE-2014-6316: URL redirection issue in MantisBT", ]
"refsource" : "MLIST", },
"url" : "http://seclists.org/oss-sec/2014/q4/931" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/mantisbt/mantisbt/commit/e66ecc9f", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/mantisbt/mantisbt/commit/e66ecc9f" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.mantisbt.org/bugs/view.php?id=17648", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mantisbt.org/bugs/view.php?id=17648" ]
}, },
{ "references": {
"name" : "DSA-3120", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3120" "name": "https://www.mantisbt.org/bugs/view.php?id=17648",
}, "refsource": "CONFIRM",
{ "url": "https://www.mantisbt.org/bugs/view.php?id=17648"
"name" : "71478", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71478" "name": "mantisbt-cve20146316-open-redirect(99128)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99128"
"name" : "62101", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62101" "name": "71478",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/71478"
"name" : "mantisbt-cve20146316-open-redirect(99128)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99128" "name": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f",
} "refsource": "CONFIRM",
] "url": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f"
} },
{
"name": "[oss-security] 20141205 RE: CVE-2014-6316: URL redirection issue in MantisBT",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q4/931"
},
{
"name": "[oss-security] 20141202 CVE-2014-6316: URL redirection issue in MantisBT",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/03/11"
},
{
"name": "62101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62101"
},
{
"name": "DSA-3120",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3120"
}
]
}
} }

138
2014/6xxx/CVE-2014-6932.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6932", "ID": "CVE-2014-6932",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The All Navalny (aka com.all.navalny) application 1.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The All Navalny (aka com.all.navalny) application 1.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#655625", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/655625" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#655625",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/655625"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

138
2014/7xxx/CVE-2014-7735.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7735", "ID": "CVE-2014-7735",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Dr. Sheikh Adnan Ibrahim (aka com.amitaff.adnanIbrahim) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#871665", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/871665" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#871665",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/871665"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

148
2017/0xxx/CVE-2017-0273.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0273", "ID": "CVE-2017-0273",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Server Block Message 1.0", "product_name": "Server Block Message 1.0",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016." "version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka \"Windows SMB Denial of Service Vulnerability\". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" "lang": "eng",
}, "value": "The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka \"Windows SMB Denial of Service Vulnerability\". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280."
{ }
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0273", ]
"refsource" : "CONFIRM", },
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0273" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98274", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98274" "lang": "eng",
}, "value": "Denial of Service"
{ }
"name" : "1038433", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1038433" ]
} },
] "references": {
} "reference_data": [
{
"name": "98274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98274"
},
{
"name": "1038433",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038433"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0273",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0273"
}
]
}
} }

150
2017/0xxx/CVE-2017-0363.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@debian.org", "ASSIGNER": "security@debian.org",
"DATE_PUBLIC" : "2017-04-06T20:49:00.000Z", "DATE_PUBLIC": "2017-04-06T20:49:00.000Z",
"ID" : "CVE-2017-0363", "ID": "CVE-2017-0363",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Special:UserLogin?returnto=interwiki:foo will redirect to external sites" "TITLE": "Special:UserLogin?returnto=interwiki:foo will redirect to external sites"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "mediawiki", "product_name": "mediawiki",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "mediawiki" "vendor_name": "mediawiki"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "redirection to other external sites"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[mediawiki-announce] 20170406 Security Release: 1.28.1 / 1.27.2 / 1.23.16", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html" "lang": "eng",
}, "value": "Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites."
{ }
"name" : "https://phabricator.wikimedia.org/T109140", ]
"refsource" : "CONFIRM", },
"url" : "https://phabricator.wikimedia.org/T109140" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://security-tracker.debian.org/tracker/CVE-2017-0363", "description": [
"refsource" : "CONFIRM", {
"url" : "https://security-tracker.debian.org/tracker/CVE-2017-0363" "lang": "eng",
} "value": "redirection to other external sites"
] }
}, ]
"source" : { }
"advisory" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html", ]
"discovery" : "UNKNOWN" },
} "references": {
"reference_data": [
{
"name": "[mediawiki-announce] 20170406 Security Release: 1.28.1 / 1.27.2 / 1.23.16",
"refsource": "MLIST",
"url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html"
},
{
"name": "https://phabricator.wikimedia.org/T109140",
"refsource": "CONFIRM",
"url": "https://phabricator.wikimedia.org/T109140"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2017-0363",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2017-0363"
}
]
},
"source": {
"advisory": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html",
"discovery": "UNKNOWN"
}
} }

144
2017/0xxx/CVE-2017-0427.json
View File

@ -1,75 +1,75 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0427", "ID": "CVE-2017-0427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
}, },
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31495866."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-02-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-02-01.html" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31495866."
{ }
"name" : "96071", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96071" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037798", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037798" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "96071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96071"
},
{
"name": "1037798",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037798"
},
{
"name": "https://source.android.com/security/bulletin/2017-02-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-02-01.html"
}
]
}
} }

130
2017/0xxx/CVE-2017-0786.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-09-05T00:00:00", "DATE_PUBLIC": "2017-09-05T00:00:00",
"ID" : "CVE-2017-0786", "ID": "CVE-2017-0786",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android kernel" "version_value": "Android kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37351060. References: B-V2017060101."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-09-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-09-01" "lang": "eng",
}, "value": "A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37351060. References: B-V2017060101."
{ }
"name" : "100655", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100655" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name": "100655",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100655"
}
]
}
} }

260
2017/0xxx/CVE-2017-0901.json
View File

@ -1,133 +1,133 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2017-08-27T00:00:00", "DATE_PUBLIC": "2017-08-27T00:00:00",
"ID" : "CVE-2017-0901", "ID": "CVE-2017-0901",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "RubyGems", "product_name": "RubyGems",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Versions before 2.6.13" "version_value": "Versions before 2.6.13"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'Ûª) (CWE-22)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "42611", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/42611/" "lang": "eng",
}, "value": "RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem."
{ }
"name" : "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://blog.rubygems.org/2017/08/27/2.6.13-released.html", "description": [
"refsource" : "MISC", {
"url" : "http://blog.rubygems.org/2017/08/27/2.6.13-released.html" "lang": "eng",
}, "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'Ûª) (CWE-22)"
{ }
"name" : "https://github.com/rubygems/rubygems/commit/ad5c0a53a86ca5b218c7976765c0365b91d22cb2", ]
"refsource" : "MISC", }
"url" : "https://github.com/rubygems/rubygems/commit/ad5c0a53a86ca5b218c7976765c0365b91d22cb2" ]
}, },
{ "references": {
"name" : "https://hackerone.com/reports/243156", "reference_data": [
"refsource" : "MISC", {
"url" : "https://hackerone.com/reports/243156" "name": "USN-3685-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3685-1/"
"name" : "DSA-3966", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-3966" "name": "USN-3553-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3553-1/"
"name" : "GLSA-201710-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201710-01" "name": "RHSA-2018:0585",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:0585"
"name" : "RHSA-2017:3485", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:3485" "name": "DSA-3966",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2017/dsa-3966"
"name" : "RHSA-2018:0378", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0378" "name": "RHSA-2018:0378",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:0378"
"name" : "RHSA-2018:0583", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0583" "name": "42611",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/42611/"
"name" : "RHSA-2018:0585", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0585" "name": "1039249",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1039249"
"name" : "USN-3553-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3553-1/" "name": "https://hackerone.com/reports/243156",
}, "refsource": "MISC",
{ "url": "https://hackerone.com/reports/243156"
"name" : "USN-3685-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3685-1/" "name": "RHSA-2017:3485",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:3485"
"name" : "100580", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100580" "name": "https://github.com/rubygems/rubygems/commit/ad5c0a53a86ca5b218c7976765c0365b91d22cb2",
}, "refsource": "MISC",
{ "url": "https://github.com/rubygems/rubygems/commit/ad5c0a53a86ca5b218c7976765c0365b91d22cb2"
"name" : "1039249", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039249" "name": "[debian-lts-announce] 20180714 [SECURITY] [DLA 1421-1] ruby2.1 security update",
} "refsource": "MLIST",
] "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html"
} },
{
"name": "RHSA-2018:0583",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0583"
},
{
"name": "GLSA-201710-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-01"
},
{
"name": "100580",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100580"
},
{
"name": "http://blog.rubygems.org/2017/08/27/2.6.13-released.html",
"refsource": "MISC",
"url": "http://blog.rubygems.org/2017/08/27/2.6.13-released.html"
}
]
}
} }

122
2017/1000xxx/CVE-2017-1000068.json
View File

@ -1,64 +1,64 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-05-06T20:43:28.319123", "DATE_ASSIGNED": "2017-05-06T20:43:28.319123",
"ID" : "CVE-2017-1000068", "ID": "CVE-2017-1000068",
"REQUESTER" : "john@betterment.com", "REQUESTER": "john@betterment.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "TestTrack Server", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.0 and older" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "TestTrack" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect Access Control"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/Betterment/test_track/releases/tag/v1.0.1", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/Betterment/test_track/releases/tag/v1.0.1" "lang": "eng",
} "value": "TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Betterment/test_track/releases/tag/v1.0.1",
"refsource": "MISC",
"url": "https://github.com/Betterment/test_track/releases/tag/v1.0.1"
}
]
}
} }

132
2017/1000xxx/CVE-2017-1000102.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.317430", "DATE_ASSIGNED": "2017-08-22T17:29:33.317430",
"ID" : "CVE-2017-1000102", "ID": "CVE-2017-1000102",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins Static Analysis Utilities Plugin", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.91 and earlier" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins Static Analysis Utilities Plugin" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert arbitrary HTML into this view."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XSS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jenkins.io/security/advisory/2017-08-07/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jenkins.io/security/advisory/2017-08-07/" "lang": "eng",
}, "value": "The Details view of some Static Analysis Utilities based plugins, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to these plugins, for example the console output which is parsed to extract build warnings (Warnings Plugin), could insert arbitrary HTML into this view."
{ }
"name" : "101061", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101061" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2017-08-07/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2017-08-07/"
},
{
"name": "101061",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101061"
}
]
}
} }

132
2017/1000xxx/CVE-2017-1000214.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.443258", "DATE_ASSIGNED": "2017-08-22T17:29:33.443258",
"ID" : "CVE-2017-1000214", "ID": "CVE-2017-1000214",
"REQUESTER" : "thomas.gerbet@enalean.com", "REQUESTER": "thomas.gerbet@enalean.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GitPHP", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.9.1 and older" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "xiphux" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GitPHP by xiphux is vulnerable to OS Command Injections"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "OS Command Injection"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/Enalean/gitphp/commit/160621785ee812d6d90e20878bd6175e42c13c94", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/Enalean/gitphp/commit/160621785ee812d6d90e20878bd6175e42c13c94" "lang": "eng",
}, "value": "GitPHP by xiphux is vulnerable to OS Command Injections"
{ }
"name" : "https://github.com/xiphux/gitphp/pull/37", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/xiphux/gitphp/pull/37" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/xiphux/gitphp/pull/37",
"refsource": "CONFIRM",
"url": "https://github.com/xiphux/gitphp/pull/37"
},
{
"name": "https://github.com/Enalean/gitphp/commit/160621785ee812d6d90e20878bd6175e42c13c94",
"refsource": "CONFIRM",
"url": "https://github.com/Enalean/gitphp/commit/160621785ee812d6d90e20878bd6175e42c13c94"
}
]
}
} }

118
2017/18xxx/CVE-2017-18004.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-18004", "ID": "CVE-2017-18004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bitbucket.org/zurmo/zurmo/issues/436/to-report-a-xss-security-vulnerability-in", "description_data": [
"refsource" : "MISC", {
"url" : "https://bitbucket.org/zurmo/zurmo/issues/436/to-report-a-xss-security-vulnerability-in" "lang": "eng",
} "value": "Zurmo 3.2.3 allows XSS via the latitude or longitude parameter to maps/default/mapAndPoint."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bitbucket.org/zurmo/zurmo/issues/436/to-report-a-xss-security-vulnerability-in",
"refsource": "MISC",
"url": "https://bitbucket.org/zurmo/zurmo/issues/436/to-report-a-xss-security-vulnerability-in"
}
]
}
} }

120
2017/18xxx/CVE-2017-18155.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-06-04T00:00:00", "DATE_PUBLIC": "2018-06-04T00:00:00",
"ID" : "CVE-2017-18155", "ID": "CVE-2017-18155",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile", "product_name": "Snapdragon Automobile, Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835" "version_value": "MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use of Unitialized Variable in Video"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-06-01#qualcomm-components", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-06-01#qualcomm-components" "lang": "eng",
} "value": "While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Unitialized Variable in Video"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-06-01#qualcomm-components",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-06-01#qualcomm-components"
}
]
}
} }

32
2017/1xxx/CVE-2017-1012.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1012", "ID": "CVE-2017-1012",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2017/1xxx/CVE-2017-1077.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1077", "ID": "CVE-2017-1077",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

176
2017/1xxx/CVE-2017-1096.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-06-30T00:00:00", "DATE_PUBLIC": "2017-06-30T00:00:00",
"ID" : "CVE-2017-1096", "ID": "CVE-2017-1096",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jazz Reporting Service", "product_name": "Jazz Reporting Service",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/120656", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/120656" "lang": "eng",
}, "value": "IBM Jazz Reporting Service (JRS) 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120656."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22001007", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22001007" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "99353", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99353" "lang": "eng",
} "value": "Cross-Site Scripting"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120656",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120656"
},
{
"name": "99353",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99353"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22001007",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22001007"
}
]
}
} }

32
2017/1xxx/CVE-2017-1584.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1584", "ID": "CVE-2017-1584",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

168
2017/1xxx/CVE-2017-1698.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-12-21T00:00:00", "DATE_PUBLIC": "2017-12-21T00:00:00",
"ID" : "CVE-2017-1698", "ID": "CVE-2017-1698",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebSphere Portal", "product_name": "WebSphere Portal",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.0" "version_value": "7.0"
}, },
{ {
"version_value" : "8.0" "version_value": "8.0"
}, },
{ {
"version_value" : "8.5" "version_value": "8.5"
}, },
{ {
"version_value" : "9.0" "version_value": "9.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM X-Force ID: 124390."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134390", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/134390" "lang": "eng",
}, "value": "IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could reveal sensitive information from an error message that could lead to further attacks against the system. IBM X-Force ID: 124390."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22011519", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22011519" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "102281", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102281" "lang": "eng",
}, "value": "Obtain Information"
{ }
"name" : "1040043", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1040043" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22011519",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22011519"
},
{
"name": "102281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102281"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134390",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/134390"
},
{
"name": "1040043",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040043"
}
]
}
} }

32
2017/1xxx/CVE-2017-1703.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1703", "ID": "CVE-2017-1703",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2017/4xxx/CVE-2017-4476.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4476", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4476",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

32
2017/4xxx/CVE-2017-4738.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4738", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4738",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

178
2017/5xxx/CVE-2017-5225.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5225", "ID": "CVE-2017-5225",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2656", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2656" "lang": "eng",
}, "value": "LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value."
{ }
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2657", ]
"refsource" : "CONFIRM", },
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2657" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3844", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2017/dsa-3844" ]
}, },
{ "references": {
"name" : "GLSA-201709-27", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201709-27" "name": "DSA-3844",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2017/dsa-3844"
"name" : "95413", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95413" "name": "GLSA-201709-27",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201709-27"
"name" : "1037911", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037911" "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2656",
} "refsource": "CONFIRM",
] "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2656"
} },
{
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2657",
"refsource": "CONFIRM",
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2657"
},
{
"name": "1037911",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037911"
},
{
"name": "95413",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95413"
},
{
"name": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7",
"refsource": "CONFIRM",
"url": "https://github.com/vadz/libtiff/commit/5c080298d59efa53264d7248bbe3a04660db6ef7"
}
]
}
} }

32
2017/5xxx/CVE-2017-5293.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5293", "ID": "CVE-2017-5293",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }