admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:46:31 +00:00
parent 179f422945
commit e989d1e97a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 4372 additions and 4372 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

104
2006/0xxx/CVE-2006-0123.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0123",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0123",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in ADN Forum 1.0b allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter in index.php and (2) pagid parameter in verpag.php, and possibly other vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060105 [eVuln] ADNForum Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/420990/100/0/threaded"
"name": "1015445",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015445"
},
{
"name" : "http://evuln.com/vulns/15/summary.html",
"refsource" : "MISC",
"url" : "http://evuln.com/vulns/15/summary.html"
"name": "22240",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22240"
},
{
"name" : "16157",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16157"
"name": "http://evuln.com/vulns/15/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/15/summary.html"
},
{
"name" : "ADV-2006-0077",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0077"
"name": "22241",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22241"
},
{
"name" : "1015445",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015445"
"name": "ADV-2006-0077",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0077"
},
{
"name" : "18300",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18300"
"name": "18300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18300"
},
{
"name" : "22240",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22240"
"name": "16157",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16157"
},
{
"name" : "22241",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/22241"
"name": "20060105 [eVuln] ADNForum Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420990/100/0/threaded"
}
]
}

110
2006/0xxx/CVE-2006-0262.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0262",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0262",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08."
"lang": "eng",
"value": "Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
"name": "oracle-january2006-update(24321)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
},
{
"name" : "VU#545804",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/545804"
"name": "18493",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18493"
},
{
"name" : "16287",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/16287"
"name": "ADV-2006-0323",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0323"
},
{
"name" : "ADV-2006-0243",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0243"
"name": "16287",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16287"
},
{
"name" : "ADV-2006-0323",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0323"
"name": "VU#545804",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/545804"
},
{
"name" : "1015499",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015499"
"name": "1015499",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015499"
},
{
"name" : "18493",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18493"
"name": "ADV-2006-0243",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0243"
},
{
"name" : "18608",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18608"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html"
},
{
"name" : "oracle-january2006-update(24321)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24321"
"name": "18608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18608"
}
]
}

80
2006/0xxx/CVE-2006-0930.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-0930",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0930",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Webmail in ArGoSoft Mail Server Pro 1.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the UIDL parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in Webmail in ArGoSoft Mail Server Pro 1.8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the UIDL parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.nsag.ru/vuln/877.html",
"refsource" : "MISC",
"url" : "http://www.nsag.ru/vuln/877.html"
"name": "http://www.nsag.ru/vuln/877.html",
"refsource": "MISC",
"url": "http://www.nsag.ru/vuln/877.html"
},
{
"name" : "ADV-2006-0733",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/0733"
"name": "18990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18990"
},
{
"name" : "18990",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/18990"
"name": "ADV-2006-0733",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0733"
},
{
"name" : "487",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/487"
"name": "487",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/487"
}
]
}

22
2006/1xxx/CVE-2006-1307.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1307",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-1307",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}

134
2006/1xxx/CVE-2006-1549.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1549",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1549",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected."
"lang": "eng",
"value": "PHP 4.4.2 and 5.1.2 allows local users to cause a crash (segmentation fault) by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060409 function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430453/100/0/threaded"
"name": "php-function-dos(25704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25704"
},
{
"name" : "20060410 Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430598/100/0/threaded"
"name": "676",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/676"
},
{
"name" : "20060412 Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/430742/100/0/threaded"
"name": "20060409 function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430453/100/0/threaded"
},
{
"name" : "20060414 Re: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431018/100/0/threaded"
"name": "22766",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22766"
},
{
"name" : "20060408 function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource" : "SREASONRES",
"url" : "http://securityreason.com/achievement_securityalert/35"
"name": "1015880",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015880"
},
{
"name" : "http://www.php-security.org/MOPB/MOPB-02-2007.html",
"refsource" : "MISC",
"url" : "http://www.php-security.org/MOPB/MOPB-02-2007.html"
"name": "20060408 function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/35"
},
{
"name" : "22766",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22766"
"name": "20060410 Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430598/100/0/threaded"
},
{
"name" : "ADV-2006-1290",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1290"
"name": "ADV-2006-1290",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1290"
},
{
"name" : "24485",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24485"
"name": "20060412 Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/430742/100/0/threaded"
},
{
"name" : "1015880",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015880"
"name": "2312",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2312"
},
{
"name" : "2312",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2312"
"name": "24485",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24485"
},
{
"name" : "676",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/676"
"name": "20060414 Re: Re: function *() php/apache Crash PHP 4.4.2 and 5.1.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431018/100/0/threaded"
},
{
"name" : "php-function-dos(25704)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25704"
"name": "http://www.php-security.org/MOPB/MOPB-02-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-02-2007.html"
}
]
}

22
2006/1xxx/CVE-2006-1633.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1633",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1633",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

110
2006/1xxx/CVE-2006-1902.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1902",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1902",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is \"not correctly interpreting an offset to a pointer as a signed value.\""
"lang": "eng",
"value": "fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is \"not correctly interpreting an offset to a pointer as a signed value.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060417 gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431184/100/0/threaded"
"name": "20060418 Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431297/100/0/threaded"
},
{
"name" : "20060418 Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431319/100/0/threaded"
"name": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763",
"refsource": "CONFIRM",
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763"
},
{
"name" : "20060418 Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431297/100/0/threaded"
"name": "20060418 RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431245/100/0/threaded"
},
{
"name" : "20060418 RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/431245/100/0/threaded"
"name": "20060418 Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431319/100/0/threaded"
},
{
"name" : "[gcc-bugs] 20060417 [Bug c/27180] New: pointer arithmetic overflow handling broken",
"refsource" : "MLIST",
"url" : "http://gcc.gnu.org/ml/gcc-bugs/2006-04/msg01297.html"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356896",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356896"
},
{
"name" : "[gcc-bugs] 20060417 [Bug middle-end/27180] New: pointer arithmetic overflow handling broken",
"refsource" : "MLIST",
"url" : "http://gcc.gnu.org/ml/gcc-bugs/2006-04/msg01298.html"
"name": "20060417 gcc 4.1 bug miscompiles pointer range checks, may place you at risk",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431184/100/0/threaded"
},
{
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356896",
"refsource" : "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356896"
"name": "[gcc-bugs] 20060417 [Bug c/27180] New: pointer arithmetic overflow handling broken",
"refsource": "MLIST",
"url": "http://gcc.gnu.org/ml/gcc-bugs/2006-04/msg01297.html"
},
{
"name" : "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763",
"refsource" : "CONFIRM",
"url" : "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763"
"name": "http://gcc.gnu.org/viewcvs/branches/gcc-4_1-branch/gcc/fold-const.c?r1=110549&r2=112698&pathrev=112698&diff_format=h",
"refsource": "CONFIRM",
"url": "http://gcc.gnu.org/viewcvs/branches/gcc-4_1-branch/gcc/fold-const.c?r1=110549&r2=112698&pathrev=112698&diff_format=h"
},
{
"name" : "http://gcc.gnu.org/viewcvs/branches/gcc-4_1-branch/gcc/fold-const.c?r1=110549&r2=112698&pathrev=112698&diff_format=h",
"refsource" : "CONFIRM",
"url" : "http://gcc.gnu.org/viewcvs/branches/gcc-4_1-branch/gcc/fold-const.c?r1=110549&r2=112698&pathrev=112698&diff_format=h"
"name": "[gcc-bugs] 20060417 [Bug middle-end/27180] New: pointer arithmetic overflow handling broken",
"refsource": "MLIST",
"url": "http://gcc.gnu.org/ml/gcc-bugs/2006-04/msg01298.html"
}
]
}

110
2006/3xxx/CVE-2006-3529.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed."
"lang": "eng",
"value": "Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt",
"refsource" : "CONFIRM",
"url" : "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt"
"name": "21003",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21003"
},
{
"name" : "http://www.juniper.net/support/security/alerts/IPv6_bug.txt",
"refsource" : "CONFIRM",
"url" : "http://www.juniper.net/support/security/alerts/IPv6_bug.txt"
"name": "junos-ipv6-dos(27654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27654"
},
{
"name" : "VU#294036",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/294036"
"name": "27132",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27132"
},
{
"name" : "18930",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18930"
"name": "ADV-2006-2742",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2742"
},
{
"name" : "ADV-2006-2742",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2742"
"name": "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt",
"refsource": "CONFIRM",
"url": "http://www.juniper.net/support/security/alerts/EXT-PSN-2006-06-017.txt"
},
{
"name" : "27132",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27132"
"name": "18930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18930"
},
{
"name" : "1016460",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016460"
"name": "http://www.juniper.net/support/security/alerts/IPv6_bug.txt",
"refsource": "CONFIRM",
"url": "http://www.juniper.net/support/security/alerts/IPv6_bug.txt"
},
{
"name" : "21003",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21003"
"name": "1016460",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016460"
},
{
"name" : "junos-ipv6-dos(27654)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27654"
"name": "VU#294036",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/294036"
}
]
}

80
2006/3xxx/CVE-2006-3851.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3851",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3851",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter."
"lang": "eng",
"value": "SQL injection vulnerability in upgradev1.php in X7 Chat 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the old_prefix parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2068",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2068"
"name": "x7chat-upgradev1-sql-injection(27921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27921"
},
{
"name" : "19123",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19123"
"name": "ADV-2006-2941",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2941"
},
{
"name" : "ADV-2006-2941",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2941"
"name": "19123",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19123"
},
{
"name" : "x7chat-upgradev1-sql-injection(27921)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27921"
"name": "2068",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2068"
}
]
}

86
2006/4xxx/CVE-2006-4021.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4021",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4021",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption."
"lang": "eng",
"value": "The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060811 ScatterChat Advisory 2006-01: Cryptanalytic Attack Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/443038/100/100/threaded"
"name": "19485",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19485"
},
{
"name" : "http://www.scatterchat.com/advisories/2006-01_tech.html",
"refsource" : "CONFIRM",
"url" : "http://www.scatterchat.com/advisories/2006-01_tech.html"
"name": "20060811 ScatterChat Advisory 2006-01: Cryptanalytic Attack Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443038/100/100/threaded"
},
{
"name" : "http://www.scatterchat.com/advisories/2006-01_non_tech.html",
"refsource" : "CONFIRM",
"url" : "http://www.scatterchat.com/advisories/2006-01_non_tech.html"
"name": "http://www.scatterchat.com/advisories/2006-01_tech.html",
"refsource": "CONFIRM",
"url": "http://www.scatterchat.com/advisories/2006-01_tech.html"
},
{
"name" : "19485",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19485"
"name": "http://www.scatterchat.com/advisories/2006-01_non_tech.html",
"refsource": "CONFIRM",
"url": "http://www.scatterchat.com/advisories/2006-01_non_tech.html"
},
{
"name" : "1396",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1396"
"name": "1396",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1396"
}
]
}

200
2006/4xxx/CVE-2006-4145.json
View File

@ -1,176 +1,176 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4145",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4145",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command."
"lang": "eng",
"value": "The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060831 rPSA-2006-0162-1 kernel",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/444887/100/0/threaded"
"name": "21934",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21934"
},
{
"name" : "http://lkml.org/lkml/2006/6/16/6",
"refsource" : "MISC",
"url" : "http://lkml.org/lkml/2006/6/16/6"
"name": "MDKSA-2007:025",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:025"
},
{
"name" : "https://issues.rpath.com/browse/RPL-611",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-611"
"name": "SUSE-SA:2006:079",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm"
"name": "27227",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27227"
},
{
"name" : "DSA-1184",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1184"
"name": "SUSE-SA:2007:053",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
},
{
"name" : "MDKSA-2006:182",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:182"
"name": "21695",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21695"
},
{
"name" : "MDKSA-2007:025",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:025"
"name": "oval:org.mitre.oval:def:10796",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10796"
},
{
"name" : "RHSA-2008:0665",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0665.html"
"name": "31685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31685"
},
{
"name" : "SUSE-SA:2006:079",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_79_kernel.html"
"name": "http://lkml.org/lkml/2006/6/16/6",
"refsource": "MISC",
"url": "http://lkml.org/lkml/2006/6/16/6"
},
{
"name" : "SUSE-SA:2007:053",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
"name": "RHSA-2008:0665",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0665.html"
},
{
"name" : "USN-346-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-346-1"
"name": "MDKSA-2006:182",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:182"
},
{
"name" : "19562",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19562"
"name": "22382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22382"
},
{
"name" : "oval:org.mitre.oval:def:10796",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10796"
"name": "23474",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23474"
},
{
"name" : "ADV-2006-3308",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3308"
"name": "ADV-2006-3308",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3308"
},
{
"name" : "21515",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21515"
"name": "USN-346-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-346-1"
},
{
"name" : "21711",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21711"
"name": "https://issues.rpath.com/browse/RPL-611",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-611"
},
{
"name" : "21695",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21695"
"name": "21515",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21515"
},
{
"name" : "22093",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22093"
"name": "20060831 rPSA-2006-0162-1 kernel",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444887/100/0/threaded"
},
{
"name" : "22382",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22382"
"name": "19562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19562"
},
{
"name" : "21934",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21934"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-365.htm"
},
{
"name" : "23474",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23474"
"name": "22093",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22093"
},
{
"name" : "27227",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27227"
"name": "21711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21711"
},
{
"name" : "31229",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31229"
"name": "DSA-1184",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1184"
},
{
"name" : "31685",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31685"
"name": "31229",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31229"
}
]
}

74
2006/4xxx/CVE-2006-4272.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4272",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4272",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** Jelsoft vBulletin 3.5.4 allows remote attackers to register multiple arbitrary users and cause a denial of service (resource consumption) via a large number of requests to register.php. NOTE: the vendor has disputed this vulnerability, stating \"If you have the CAPTCHA enabled then the registrations wont even go through. ... if you are talking about the flood being allowed in the first place then surely this is something that should be handled at the server level.\""
"lang": "eng",
"value": "** DISPUTED ** Jelsoft vBulletin 3.5.4 allows remote attackers to register multiple arbitrary users and cause a denial of service (resource consumption) via a large number of requests to register.php. NOTE: the vendor has disputed this vulnerability, stating \"If you have the CAPTCHA enabled then the registrations wont even go through. ... if you are talking about the flood being allowed in the first place then surely this is something that should be handled at the server level.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060815 UPDATE vBulletin Version 3.5.4 exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/443648/100/0/threaded"
"name": "20060818 Re: UPDATE vBulletin Version 3.5.4 exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-08/0381.html"
},
{
"name" : "20060818 Re: UPDATE vBulletin Version 3.5.4 exploit",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-08/0381.html"
"name": "20060815 UPDATE vBulletin Version 3.5.4 exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443648/100/0/threaded"
},
{
"name" : "1426",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1426"
"name": "1426",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1426"
}
]
}

146
2006/4xxx/CVE-2006-4533.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4533",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4533",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 and earlier allow remote attackers to execute arbitrary PHP code via the _PX_config[manager_path] parameter to (1) articles.php, (2) categories.php, (3) news.php, (4) prefs.php, (5) sites.php, (6) subtypes.php, (7) users.php, (8) xmedia.php, (9) frontinc/class.template.php, (10) inc/lib.text.php, (11) install/index.php, (12) install/upgrade.php, and (13) tools/htaccess/index.php. NOTE: other vectors are covered by CVE-2006-3562, CVE-2006-2645, and CVE-2006-0725."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Plume CMS 1.0.6 and earlier allow remote attackers to execute arbitrary PHP code via the _PX_config[manager_path] parameter to (1) articles.php, (2) categories.php, (3) news.php, (4) prefs.php, (5) sites.php, (6) subtypes.php, (7) users.php, (8) xmedia.php, (9) frontinc/class.template.php, (10) inc/lib.text.php, (11) install/index.php, (12) install/upgrade.php, and (13) tools/htaccess/index.php. NOTE: other vectors are covered by CVE-2006-3562, CVE-2006-2645, and CVE-2006-0725."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://packetstormsecurity.org/0608-exploits/plume-1.0.6.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0608-exploits/plume-1.0.6.txt"
"name": "31179",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31179"
},
{
"name" : "19629",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19629"
"name": "31172",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31172"
},
{
"name" : "31171",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31171"
"name": "31177",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31177"
},
{
"name" : "31172",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31172"
"name": "31180",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31180"
},
{
"name" : "31173",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31173"
"name": "31171",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31171"
},
{
"name" : "31174",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31174"
"name": "31183",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31183"
},
{
"name" : "31175",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31175"
"name": "31175",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31175"
},
{
"name" : "31176",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31176"
"name": "31181",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31181"
},
{
"name" : "31177",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31177"
"name": "19629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19629"
},
{
"name" : "31178",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31178"
"name": "31176",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31176"
},
{
"name" : "31179",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31179"
"name": "31178",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31178"
},
{
"name" : "31180",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31180"
"name": "31174",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31174"
},
{
"name" : "31181",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31181"
"name": "http://packetstormsecurity.org/0608-exploits/plume-1.0.6.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0608-exploits/plume-1.0.6.txt"
},
{
"name" : "31182",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31182"
"name": "31173",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31173"
},
{
"name" : "31183",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31183"
"name": "31182",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31182"
}
]
}

104
2006/4xxx/CVE-2006-4852.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4852",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4852",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter."
"lang": "eng",
"value": "SQL injection vulnerability in browse.asp in QuadComm Q-Shop 3.5 allows remote attackers to execute arbitrary SQL commands via the OrderBy parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060917 Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/446231/100/0/threaded"
"name": "20075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20075"
},
{
"name" : "2384",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2384"
"name": "qshop-browse-sql-injection(28970)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28970"
},
{
"name" : "20075",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20075"
"name": "ADV-2006-3665",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3665"
},
{
"name" : "ADV-2006-3665",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3665"
"name": "20060917 Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446231/100/0/threaded"
},
{
"name" : "28917",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28917"
"name": "28917",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28917"
},
{
"name" : "21929",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21929"
"name": "1589",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1589"
},
{
"name" : "1589",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1589"
"name": "2384",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2384"
},
{
"name" : "qshop-browse-sql-injection(28970)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28970"
"name": "21929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21929"
}
]
}

236
2010/2xxx/CVE-2010-2173.json
View File

@ -1,206 +1,206 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2173",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-2173",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an \"invalid pointer vulnerability\" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174."
"lang": "eng",
"value": "Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an \"invalid pointer vulnerability\" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100616 VUPEN Security Research - Adobe Flash Player \"newclass\" Invalid Pointer Vulnerability (CVE-2010-2173)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/511848/100/0/threaded"
"name": "ADV-2011-0192",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-14.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
"name": "ADV-2010-1421",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1421"
},
{
"name" : "http://support.apple.com/kb/HT4435",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4435"
"name": "http://support.apple.com/kb/HT4435",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4435"
},
{
"name" : "APPLE-SA-2010-11-10-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
"name": "40545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40545"
},
{
"name" : "GLSA-201101-09",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml"
"name": "RHSA-2010:0464",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html"
},
{
"name" : "HPSBMA02547",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "ADV-2010-1793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1793"
},
{
"name" : "SSRT100179",
"refsource" : "HP",
"url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
"name": "43026",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43026"
},
{
"name" : "RHSA-2010:0464",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0464.html"
"name": "ADV-2010-1432",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1432"
},
{
"name" : "RHSA-2010:0470",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0470.html"
"name": "GLSA-201101-09",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"name" : "SUSE-SA:2010:024",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html"
"name": "TA10-162A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html"
},
{
"name" : "SUSE-SR:2010:013",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
"name": "20100616 VUPEN Security Research - Adobe Flash Player \"newclass\" Invalid Pointer Vulnerability (CVE-2010-2173)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511848/100/0/threaded"
},
{
"name" : "TLSA-2010-19",
"refsource" : "TURBO",
"url" : "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt"
"name": "APPLE-SA-2010-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"name" : "TA10-162A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-162A.html"
"name": "40759",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40759"
},
{
"name" : "40759",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40759"
"name": "1024085",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024085"
},
{
"name" : "40800",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40800"
"name": "SUSE-SR:2010:013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
},
{
"name" : "oval:org.mitre.oval:def:6762",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6762"
"name": "1024086",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024086"
},
{
"name" : "oval:org.mitre.oval:def:16261",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16261"
"name": "ADV-2010-1434",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1434"
},
{
"name" : "1024085",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024085"
"name": "TLSA-2010-19",
"refsource": "TURBO",
"url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt"
},
{
"name" : "1024086",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024086"
"name": "SSRT100179",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "40144",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40144"
"name": "SUSE-SA:2010:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html"
},
{
"name" : "40545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40545"
"name": "http://www.adobe.com/support/security/bulletins/apsb10-14.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
},
{
"name" : "43026",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43026"
"name": "40144",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40144"
},
{
"name" : "ADV-2010-1453",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1453"
"name": "RHSA-2010:0470",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html"
},
{
"name" : "ADV-2010-1421",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1421"
"name": "40800",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40800"
},
{
"name" : "ADV-2010-1432",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1432"
"name": "ADV-2010-1482",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1482"
},
{
"name" : "ADV-2010-1434",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1434"
"name": "oval:org.mitre.oval:def:16261",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16261"
},
{
"name" : "ADV-2010-1482",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1482"
"name": "HPSBMA02547",
"refsource": "HP",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
},
{
"name" : "ADV-2010-1522",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1522"
"name": "ADV-2010-1522",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1522"
},
{
"name" : "ADV-2010-1793",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1793"
"name": "oval:org.mitre.oval:def:6762",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6762"
},
{
"name" : "ADV-2011-0192",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0192"
"name": "ADV-2010-1453",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1453"
}
]
}

86
2010/2xxx/CVE-2010-2209.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2209",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2010-2209",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212."
"lang": "eng",
"value": "Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb10-15.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
"name": "ADV-2010-1636",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1636"
},
{
"name" : "41240",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41240"
"name": "http://www.adobe.com/support/security/bulletins/apsb10-15.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb10-15.html"
},
{
"name" : "oval:org.mitre.oval:def:6957",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6957"
"name": "oval:org.mitre.oval:def:6957",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6957"
},
{
"name" : "1024159",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024159"
"name": "41240",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41240"
},
{
"name" : "ADV-2010-1636",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1636"
"name": "1024159",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024159"
}
]
}

68
2010/2xxx/CVE-2010-2678.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2678",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2678",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php."
"lang": "eng",
"value": "SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100329 Joomla Component com_xmap Sql Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/510374/100/0/threaded"
"name": "39035",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39035"
},
{
"name" : "39035",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39035"
"name": "20100329 Joomla Component com_xmap Sql Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510374/100/0/threaded"
}
]
}

134
2010/3xxx/CVE-2010-3056.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3056",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3056",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://yehg.net/lab/pr0js/advisories/phpmyadmin/%5Bphpmyadmin-3.3.5%5D_cross_site_scripting%28XSS%29",
"refsource" : "MISC",
"url" : "http://yehg.net/lab/pr0js/advisories/phpmyadmin/%5Bphpmyadmin-3.3.5%5D_cross_site_scripting%28XSS%29"
"name": "FEDORA-2010-13249",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045991.html"
},
{
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php",
"refsource" : "CONFIRM",
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php"
"name": "http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php",
"refsource": "CONFIRM",
"url": "http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=625877",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=625877"
"name": "http://yehg.net/lab/pr0js/advisories/phpmyadmin/%5Bphpmyadmin-3.3.5%5D_cross_site_scripting%28XSS%29",
"refsource": "MISC",
"url": "http://yehg.net/lab/pr0js/advisories/phpmyadmin/%5Bphpmyadmin-3.3.5%5D_cross_site_scripting%28XSS%29"
},
{
"name" : "DSA-2097",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2097"
"name": "FEDORA-2010-13258",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045997.html"
},
{
"name" : "FEDORA-2010-13249",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045991.html"
"name": "41000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41000"
},
{
"name" : "FEDORA-2010-13258",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045997.html"
"name": "ADV-2010-2231",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2231"
},
{
"name" : "MDVSA-2010:163",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:163"
"name": "DSA-2097",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2097"
},
{
"name" : "MDVSA-2010:164",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:164"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=625877",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=625877"
},
{
"name" : "42584",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42584"
"name": "MDVSA-2010:163",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:163"
},
{
"name" : "41000",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41000"
"name": "MDVSA-2010:164",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:164"
},
{
"name" : "41185",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41185"
"name": "42584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42584"
},
{
"name" : "ADV-2010-2223",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2223"
"name": "ADV-2010-2223",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2223"
},
{
"name" : "ADV-2010-2231",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2231"
"name": "41185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41185"
}
]
}

68
2010/3xxx/CVE-2010-3165.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3165",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3165",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory."
"lang": "eng",
"value": "Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "JVN#07497935",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN07497935/index.html"
"name": "JVNDB-2010-000049",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000049.html"
},
{
"name" : "JVNDB-2010-000049",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000049.html"
"name": "JVN#07497935",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN07497935/index.html"
}
]
}

152
2010/3xxx/CVE-2010-3177.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3177",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3177",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-68.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-68.html"
"name": "RHSA-2010:0782",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0782.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=556734",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=556734"
"name": "MDVSA-2010:210",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210"
},
{
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource" : "CONFIRM",
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
"name": "oval:org.mitre.oval:def:12202",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12202"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100114250",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100114250"
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100120156",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100120156"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=556734",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=556734"
},
{
"name" : "DSA-2124",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2124"
"name": "RHSA-2010:0781",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0781.html"
},
{
"name" : "FEDORA-2010-16885",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
"name": "http://www.mozilla.org/security/announce/2010/mfsa2010-68.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-68.html"
},
{
"name" : "FEDORA-2010-16897",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
"name": "42867",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42867"
},
{
"name" : "MDVSA-2010:210",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210"
"name": "ADV-2011-0061",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0061"
},
{
"name" : "RHSA-2010:0781",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0781.html"
"name": "DSA-2124",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2124"
},
{
"name" : "RHSA-2010:0782",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0782.html"
"name": "http://support.avaya.com/css/P8/documents/100114250",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100114250"
},
{
"name" : "RHSA-2010:0861",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
"name": "http://support.avaya.com/css/P8/documents/100120156",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100120156"
},
{
"name" : "USN-997-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-997-1"
"name": "USN-997-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-997-1"
},
{
"name" : "oval:org.mitre.oval:def:12202",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12202"
"name": "FEDORA-2010-16897",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html"
},
{
"name" : "42867",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42867"
"name": "RHSA-2010:0861",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0861.html"
},
{
"name" : "ADV-2011-0061",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0061"
"name": "FEDORA-2010-16885",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html"
}
]
}

140
2010/3xxx/CVE-2010-3315.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-3315",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3315",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands."
"lang": "eng",
"value": "authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://security-tracker.debian.org/tracker/CVE-2010-3315",
"refsource" : "CONFIRM",
"url" : "http://security-tracker.debian.org/tracker/CVE-2010-3315"
"name": "oval:org.mitre.oval:def:19007",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19007"
},
{
"name" : "http://subversion.apache.org/security/CVE-2010-3315-advisory.txt",
"refsource" : "CONFIRM",
"url" : "http://subversion.apache.org/security/CVE-2010-3315-advisory.txt"
"name": "41652",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41652"
},
{
"name" : "http://support.apple.com/kb/HT4581",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4581"
"name": "http://subversion.apache.org/security/CVE-2010-3315-advisory.txt",
"refsource": "CONFIRM",
"url": "http://subversion.apache.org/security/CVE-2010-3315-advisory.txt"
},
{
"name" : "APPLE-SA-2011-03-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
"name": "http://security-tracker.debian.org/tracker/CVE-2010-3315",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.org/tracker/CVE-2010-3315"
},
{
"name" : "DSA-2118",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2118"
"name": "ADV-2011-0264",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0264"
},
{
"name" : "MDVSA-2010:199",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:199"
"name": "APPLE-SA-2011-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
},
{
"name" : "RHSA-2011:0258",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0258.html"
"name": "DSA-2118",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2118"
},
{
"name" : "SUSE-SR:2010:024",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
"name": "43346",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43346"
},
{
"name" : "USN-1053-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1053-1"
"name": "RHSA-2011:0258",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0258.html"
},
{
"name" : "oval:org.mitre.oval:def:19007",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19007"
"name": "USN-1053-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1053-1"
},
{
"name" : "41652",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41652"
"name": "SUSE-SR:2010:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name" : "43139",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43139"
"name": "MDVSA-2010:199",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:199"
},
{
"name" : "43346",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43346"
"name": "43139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43139"
},
{
"name" : "ADV-2011-0264",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0264"
"name": "http://support.apple.com/kb/HT4581",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4581"
}
]
}

92
2010/4xxx/CVE-2010-4218.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4218",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4218",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown impact and attack vectors, related to a system that becomes \"exposed to the internet.\""
"lang": "eng",
"value": "Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown impact and attack vectors, related to a system that becomes \"exposed to the internet.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE01296",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE01296"
"name": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE01296",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE01296"
},
{
"name" : "HE01296",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1HE01296"
"name": "HE01296",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1HE01296"
},
{
"name" : "44509",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44509"
"name": "42029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42029"
},
{
"name" : "42029",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42029"
"name": "dassault-enovia-unspecified(62921)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62921"
},
{
"name" : "ADV-2010-2828",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2828"
"name": "ADV-2010-2828",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2828"
},
{
"name" : "dassault-enovia-unspecified(62921)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62921"
"name": "44509",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44509"
}
]
}

86
2010/4xxx/CVE-2010-4747.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4747",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4747",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Processing Embed plugin 0.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pluginurl parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.johnleitch.net/Vulnerabilities/WordPress.Processing.Embed.0.5.Reflected.Cross-site.Scripting/65",
"refsource" : "MISC",
"url" : "http://www.johnleitch.net/Vulnerabilities/WordPress.Processing.Embed.0.5.Reflected.Cross-site.Scripting/65"
"name": "69764",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/69764"
},
{
"name" : "45266",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45266"
"name": "45266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45266"
},
{
"name" : "69764",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/69764"
"name": "processing-embed-wordpress-pluginurl-xss(63761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63761"
},
{
"name" : "42545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42545"
"name": "42545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42545"
},
{
"name" : "processing-embed-wordpress-pluginurl-xss(63761)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63761"
"name": "http://www.johnleitch.net/Vulnerabilities/WordPress.Processing.Embed.0.5.Reflected.Cross-site.Scripting/65",
"refsource": "MISC",
"url": "http://www.johnleitch.net/Vulnerabilities/WordPress.Processing.Embed.0.5.Reflected.Cross-site.Scripting/65"
}
]
}

92
2010/4xxx/CVE-2010-4922.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4922",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4922",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow remote attackers to execute arbitrary SQL commands via the i parameter in an edit action to (1) contentAE.asp or (2) templatesAE.asp."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow remote attackers to execute arbitrary SQL commands via the i parameter in an edit action to (1) contentAE.asp or (2) templatesAE.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100809 SQL injection vulnerability in allinta CMS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/512958"
"name": "8453",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8453"
},
{
"name" : "20100809 SQL injection vulnerability in allinta CMS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/512959/100/0/threaded"
"name": "20100809 SQL injection vulnerability in allinta CMS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/512959/100/0/threaded"
},
{
"name" : "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms.html",
"refsource" : "MISC",
"url" : "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms.html"
"name": "20100809 SQL injection vulnerability in allinta CMS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/512958"
},
{
"name" : "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms_1.html",
"refsource" : "MISC",
"url" : "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms_1.html"
"name": "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms.html",
"refsource": "MISC",
"url": "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms.html"
},
{
"name" : "42320",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42320"
"name": "42320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42320"
},
{
"name" : "8453",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8453"
"name": "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms_1.html",
"refsource": "MISC",
"url": "http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_allinta_cms_1.html"
}
]
}

86
2010/4xxx/CVE-2010-4940.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4940",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4940",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "15090",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15090"
"name": "43440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/43440"
},
{
"name" : "http://packetstormsecurity.org/1009-exploits/wanewsletter-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1009-exploits/wanewsletter-sql.txt"
"name": "15090",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15090"
},
{
"name" : "43440",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/43440"
"name": "wanewsletter-index-sql-injection(61993)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61993"
},
{
"name" : "8462",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8462"
"name": "http://packetstormsecurity.org/1009-exploits/wanewsletter-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1009-exploits/wanewsletter-sql.txt"
},
{
"name" : "wanewsletter-index-sql-injection(61993)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61993"
"name": "8462",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8462"
}
]
}

80
2011/1xxx/CVE-2011-1279.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1279",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1279",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka \"Excel Out of Bounds WriteAV Vulnerability.\""
"lang": "eng",
"value": "Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka \"Excel Out of Bounds WriteAV Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-045",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045"
"name": "ms-excel-writeav-ce(67717)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67717"
},
{
"name" : "48164",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/48164"
"name": "oval:org.mitre.oval:def:12373",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12373"
},
{
"name" : "oval:org.mitre.oval:def:12373",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12373"
"name": "48164",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48164"
},
{
"name" : "ms-excel-writeav-ce(67717)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67717"
"name": "MS11-045",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045"
}
]
}

22
2011/1xxx/CVE-2011-1358.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1358",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1358",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2011/1xxx/CVE-2011-1480.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1480",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1480",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the chng_uid parameter."
"lang": "eng",
"value": "SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the chng_uid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110323 CVE Request: PHP-Nuke 8.x <= \"chng_uid\" Blind SQL Injection Vulnerability",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/03/23/7"
"name": "[oss-security] 20110323 CVE Request: PHP-Nuke 8.x <= \"chng_uid\" Blind SQL Injection Vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/23/7"
},
{
"name" : "[oss-security] 20110330 Re: CVE Request: PHP-Nuke 8.x <= \"chng_uid\" Blind SQL Injection Vulnerability",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/03/30/6"
"name": "[oss-security] 20110330 Re: CVE Request: PHP-Nuke 8.x <= \"chng_uid\" Blind SQL Injection Vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/30/6"
},
{
"name" : "http://yehg.net/lab/pr0js/advisories/[phpnuke-8.x]_sql_injection",
"refsource" : "MISC",
"url" : "http://yehg.net/lab/pr0js/advisories/[phpnuke-8.x]_sql_injection"
"name": "http://yehg.net/lab/pr0js/advisories/[phpnuke-8.x]_sql_injection",
"refsource": "MISC",
"url": "http://yehg.net/lab/pr0js/advisories/[phpnuke-8.x]_sql_injection"
}
]
}

86
2011/1xxx/CVE-2011-1542.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1542",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-1542",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBMA02663",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
"name": "1025415",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025415"
},
{
"name" : "SSRT100428",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
"name": "SSRT100428",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
},
{
"name" : "47511",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47511"
"name": "HPSBMA02663",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2"
},
{
"name" : "1025415",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025415"
"name": "47511",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47511"
},
{
"name" : "8234",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8234"
"name": "8234",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8234"
}
]
}

92
2011/5xxx/CVE-2011-5233.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-5233",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5233",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted \"Rows Per Strip\" and \"Samples Per Pixel\" values in a TIFF image file."
"lang": "eng",
"value": "Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted \"Rows Per Strip\" and \"Samples Per Pixel\" values in a TIFF image file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "18257",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/18257"
"name": "77957",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/77957"
},
{
"name" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=30&Itemid=30",
"refsource" : "MISC",
"url" : "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=30&Itemid=30"
"name": "18257",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18257"
},
{
"name" : "http://www.irfanview.com/history_old.htm",
"refsource" : "CONFIRM",
"url" : "http://www.irfanview.com/history_old.htm"
"name": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=30&Itemid=30",
"refsource": "MISC",
"url": "http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=30&Itemid=30"
},
{
"name" : "77957",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/77957"
"name": "47065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47065"
},
{
"name" : "47065",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47065"
"name": "http://www.irfanview.com/history_old.htm",
"refsource": "CONFIRM",
"url": "http://www.irfanview.com/history_old.htm"
},
{
"name" : "irfanview-tiff-bo(71891)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71891"
"name": "irfanview-tiff-bo(71891)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71891"
}
]
}

68
2014/3xxx/CVE-2014-3062.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3062",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3062",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683609",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683609"
"name": "ibm-qradar-cve20143062-rce(93540)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93540"
},
{
"name" : "ibm-qradar-cve20143062-rce(93540)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/93540"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683609",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683609"
}
]
}

62
2014/3xxx/CVE-2014-3260.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3260",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3260",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Pacom 1000 CCU and RTU GMS devices allow remote attackers to spoof the controller-to-base data stream by leveraging improper use of cryptography."
"lang": "eng",
"value": "Pacom 1000 CCU and RTU GMS devices allow remote attackers to spoof the controller-to-base data stream by leveraging improper use of cryptography."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-337-03",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-337-03"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-337-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-337-03"
}
]
}

22
2014/3xxx/CVE-2014-3484.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3484",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3484",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/3xxx/CVE-2014-3861.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3861",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3861",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://smartplatforms.org/2014/04/security-vulnerabilities-in-ccda-display/",
"refsource" : "MISC",
"url" : "http://smartplatforms.org/2014/04/security-vulnerabilities-in-ccda-display/"
"name": "http://motorcycleguy.blogspot.com/2014/04/hl7-cda-stylesheet-patches.html",
"refsource": "CONFIRM",
"url": "http://motorcycleguy.blogspot.com/2014/04/hl7-cda-stylesheet-patches.html"
},
{
"name" : "http://gforge.hl7.org/gf/project/strucdoc/frs/?action=FrsReleaseView&release_id=1088",
"refsource" : "CONFIRM",
"url" : "http://gforge.hl7.org/gf/project/strucdoc/frs/?action=FrsReleaseView&release_id=1088"
"name": "http://gforge.hl7.org/gf/project/strucdoc/frs/?action=FrsReleaseView&release_id=1088",
"refsource": "CONFIRM",
"url": "http://gforge.hl7.org/gf/project/strucdoc/frs/?action=FrsReleaseView&release_id=1088"
},
{
"name" : "http://motorcycleguy.blogspot.com/2014/04/hl7-cda-stylesheet-patches.html",
"refsource" : "CONFIRM",
"url" : "http://motorcycleguy.blogspot.com/2014/04/hl7-cda-stylesheet-patches.html"
"name": "http://smartplatforms.org/2014/04/security-vulnerabilities-in-ccda-display/",
"refsource": "MISC",
"url": "http://smartplatforms.org/2014/04/security-vulnerabilities-in-ccda-display/"
}
]
}

86
2014/7xxx/CVE-2014-7232.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7232",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7232",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value."
"lang": "eng",
"value": "GE Healthcare Discovery XR656 and XR656 G2 has a password of (1) 2getin for the insite user, (2) 4$xray for the xruser user, and (3) #superxr for the root user, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/",
"refsource" : "MISC",
"url" : "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/"
"name": "http://apps.gehealthcare.com/servlet/ClientServlet/5643835-1EN_r1.pdf?REQ=RAA&DIRECTION=5643835-1EN&FILENAME=5643835-1EN_r1.pdf&FILEREV=1&DOCREV_ORG=1",
"refsource": "CONFIRM",
"url": "http://apps.gehealthcare.com/servlet/ClientServlet/5643835-1EN_r1.pdf?REQ=RAA&DIRECTION=5643835-1EN&FILENAME=5643835-1EN_r1.pdf&FILEREV=1&DOCREV_ORG=1"
},
{
"name" : "https://twitter.com/digitalbond/status/619250429751222277",
"refsource" : "MISC",
"url" : "https://twitter.com/digitalbond/status/619250429751222277"
"name": "http://apps.gehealthcare.com/servlet/ClientServlet/IM-5343950-1EN.pdf?DOCCLASS=A&REQ=RAC&DIRECTION=5343950-1EN&FILENAME=IM-5343950-1EN.pdf&FILEREV=7&DOCREV_ORG=7&SUBMIT=+ACCEPT+",
"refsource": "CONFIRM",
"url": "http://apps.gehealthcare.com/servlet/ClientServlet/IM-5343950-1EN.pdf?DOCCLASS=A&REQ=RAC&DIRECTION=5343950-1EN&FILENAME=IM-5343950-1EN.pdf&FILEREV=7&DOCREV_ORG=7&SUBMIT=+ACCEPT+"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
"name": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/",
"refsource": "MISC",
"url": "http://www.forbes.com/sites/thomasbrewster/2015/07/10/vulnerable-breasts/"
},
{
"name" : "http://apps.gehealthcare.com/servlet/ClientServlet/5643835-1EN_r1.pdf?REQ=RAA&DIRECTION=5643835-1EN&FILENAME=5643835-1EN_r1.pdf&FILEREV=1&DOCREV_ORG=1",
"refsource" : "CONFIRM",
"url" : "http://apps.gehealthcare.com/servlet/ClientServlet/5643835-1EN_r1.pdf?REQ=RAA&DIRECTION=5643835-1EN&FILENAME=5643835-1EN_r1.pdf&FILEREV=1&DOCREV_ORG=1"
"name": "https://twitter.com/digitalbond/status/619250429751222277",
"refsource": "MISC",
"url": "https://twitter.com/digitalbond/status/619250429751222277"
},
{
"name" : "http://apps.gehealthcare.com/servlet/ClientServlet/IM-5343950-1EN.pdf?DOCCLASS=A&REQ=RAC&DIRECTION=5343950-1EN&FILENAME=IM-5343950-1EN.pdf&FILEREV=7&DOCREV_ORG=7&SUBMIT=+ACCEPT+",
"refsource" : "CONFIRM",
"url" : "http://apps.gehealthcare.com/servlet/ClientServlet/IM-5343950-1EN.pdf?DOCCLASS=A&REQ=RAC&DIRECTION=5343950-1EN&FILENAME=IM-5343950-1EN.pdf&FILEREV=7&DOCREV_ORG=7&SUBMIT=+ACCEPT+"
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-037-02"
}
]
}

74
2014/7xxx/CVE-2014-7758.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7758",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7758",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The AMKAMAL Science Portfolio (aka com.wAMKAMALSciencePortfolio) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The AMKAMAL Science Portfolio (aka com.wAMKAMALSciencePortfolio) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#857233",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/857233"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#857233",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/857233"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

62
2014/8xxx/CVE-2014-8413.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8413",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8413",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules."
"lang": "eng",
"value": "The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://downloads.asterisk.org/pub/security/AST-2014-013.html",
"refsource" : "CONFIRM",
"url" : "http://downloads.asterisk.org/pub/security/AST-2014-013.html"
"name": "http://downloads.asterisk.org/pub/security/AST-2014-013.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2014-013.html"
}
]
}

22
2014/8xxx/CVE-2014-8759.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-8759",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8759",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2014/9xxx/CVE-2014-9118.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9118",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9118",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd."
"lang": "eng",
"value": "The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20151012 Multiple Vulnerabilities found in ZHONE",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/536663/100/0/threaded"
"name": "20151013 Vantage Point Security Advisory 2015-002",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Oct/57"
},
{
"name" : "38453",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/38453/"
"name": "38453",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38453/"
},
{
"name" : "20151013 Vantage Point Security Advisory 2015-002",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Oct/57"
"name": "http://packetstormsecurity.com/files/133921/Zhone-Insecure-Reference-Password-Disclosure-Command-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133921/Zhone-Insecure-Reference-Password-Disclosure-Command-Injection.html"
},
{
"name" : "http://packetstormsecurity.com/files/133921/Zhone-Insecure-Reference-Password-Disclosure-Command-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/133921/Zhone-Insecure-Reference-Password-Disclosure-Command-Injection.html"
"name": "20151012 Multiple Vulnerabilities found in ZHONE",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536663/100/0/threaded"
}
]
}

62
2014/9xxx/CVE-2014-9197.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9197",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-9197",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request."
"lang": "eng",
"value": "The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde.jar under the web root with insufficient access control, which allows remote attackers to obtain sensitive setup and configuration information via a direct request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-020-02"
}
]
}

80
2014/9xxx/CVE-2014-9500.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9500",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9500",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notification page callback."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Moip module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the notification page callback."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150103 CVE requests: Drupal contributed modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/03/2"
"name": "[oss-security] 20150103 Re: CVE requests: Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/04/6"
},
{
"name" : "[oss-security] 20150103 Re: CVE requests: Drupal contributed modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/04/6"
"name": "https://www.drupal.org/node/2390699",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2390699"
},
{
"name" : "https://www.drupal.org/node/2390849",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2390849"
"name": "[oss-security] 20150103 CVE requests: Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/2"
},
{
"name" : "https://www.drupal.org/node/2390699",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2390699"
"name": "https://www.drupal.org/node/2390849",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2390849"
}
]
}

152
2014/9xxx/CVE-2014-9679.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9679",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9679",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow."
"lang": "eng",
"value": "Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150210 CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/02/10/15"
"name": "RHSA-2015:1123",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1123.html"
},
{
"name" : "[oss-security] 20150212 Re: CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/02/12/12"
"name": "https://www.cups.org/str.php?L4551",
"refsource": "CONFIRM",
"url": "https://www.cups.org/str.php?L4551"
},
{
"name" : "https://www.cups.org/str.php?L4551",
"refsource" : "CONFIRM",
"url" : "https://www.cups.org/str.php?L4551"
"name": "[oss-security] 20150210 CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/10/15"
},
{
"name" : "http://advisories.mageia.org/MGASA-2015-0067.html",
"refsource" : "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2015-0067.html"
"name": "USN-2520-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2520-1"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "DSA-3172",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3172"
"name": "openSUSE-SU-2015:0381",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html"
},
{
"name" : "FEDORA-2015-2127",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html"
"name": "MDVSA-2015:049",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:049"
},
{
"name" : "FEDORA-2015-2152",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html"
"name": "GLSA-201607-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-06"
},
{
"name" : "GLSA-201607-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201607-06"
"name": "FEDORA-2015-2127",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150177.html"
},
{
"name" : "MDVSA-2015:049",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:049"
"name": "1031776",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031776"
},
{
"name" : "MDVSA-2015:108",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
"name": "FEDORA-2015-2152",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150171.html"
},
{
"name" : "RHSA-2015:1123",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1123.html"
"name": "DSA-3172",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3172"
},
{
"name" : "openSUSE-SU-2015:0381",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-02/msg00098.html"
"name": "http://advisories.mageia.org/MGASA-2015-0067.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0067.html"
},
{
"name" : "USN-2520-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2520-1"
"name": "[oss-security] 20150212 Re: CVE Request: Cups: cupsRasterReadPixels buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/12/12"
},
{
"name" : "72594",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72594"
"name": "MDVSA-2015:108",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:108"
},
{
"name" : "1031776",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031776"
"name": "72594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72594"
}
]
}

74
2014/9xxx/CVE-2014-9863.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9863",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2014-9863",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470."
"lang": "eng",
"value": "Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-08-01.html"
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=75eac48a48562f819f50eeff8369b296d89102d7",
"refsource" : "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=75eac48a48562f819f50eeff8369b296d89102d7"
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=75eac48a48562f819f50eeff8369b296d89102d7",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=75eac48a48562f819f50eeff8369b296d89102d7"
},
{
"name" : "92219",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92219"
"name": "92219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92219"
}
]
}

74
2016/2xxx/CVE-2016-2061.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2061",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2061",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call."
"lang": "eng",
"value": "Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory corruption) via a crafted application that triggers an msm_isp_axi_create_stream call."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-06-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-06-01.html"
"name": "https://www.codeaurora.org/array-overflow-msm-v4l2-video-driver-allows-kernel-memory-corruption-cve-2016-2061",
"refsource": "CONFIRM",
"url": "https://www.codeaurora.org/array-overflow-msm-v4l2-video-driver-allows-kernel-memory-corruption-cve-2016-2061"
},
{
"name" : "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/id=79db14ca9f791a14be9376a0340ad3b9b9a4d603",
"refsource" : "CONFIRM",
"url" : "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/id=79db14ca9f791a14be9376a0340ad3b9b9a4d603"
"name": "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/id=79db14ca9f791a14be9376a0340ad3b9b9a4d603",
"refsource": "CONFIRM",
"url": "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.18/commit/id=79db14ca9f791a14be9376a0340ad3b9b9a4d603"
},
{
"name" : "https://www.codeaurora.org/array-overflow-msm-v4l2-video-driver-allows-kernel-memory-corruption-cve-2016-2061",
"refsource" : "CONFIRM",
"url" : "https://www.codeaurora.org/array-overflow-msm-v4l2-video-driver-allows-kernel-memory-corruption-cve-2016-2061"
"name": "http://source.android.com/security/bulletin/2016-06-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-06-01.html"
}
]
}

68
2016/2xxx/CVE-2016-2071.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2071",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2071",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands."
"lang": "eng",
"value": "Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 11.x before 11.0 Build 64.34, 10.5 before 10.5 Build 59.13, and 10.5.e before Build 59.1305.e allows remote attackers to gain privileges via unspecified NS Web GUI commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.citrix.com/article/CTX206001",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX206001"
"name": "1035098",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035098"
},
{
"name" : "1035098",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035098"
"name": "http://support.citrix.com/article/CTX206001",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX206001"
}
]
}

62
2016/2xxx/CVE-2016-2454.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2454",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-2454",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024."
"lang": "eng",
"value": "The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-05-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-05-01.html"
"name": "http://source.android.com/security/bulletin/2016-05-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-05-01.html"
}
]
}

92
2016/2xxx/CVE-2016-2833.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-2833",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-2833",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet."
"lang": "eng",
"value": "Mozilla Firefox before 47.0 ignores Content Security Policy (CSP) directives for cross-domain Java applets, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted applet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-60.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-60.html"
"name": "1036057",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036057"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=908933",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=908933"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=908933",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=908933"
},
{
"name" : "openSUSE-SU-2016:1552",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"
"name": "openSUSE-SU-2016:1557",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"
},
{
"name" : "openSUSE-SU-2016:1557",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html"
"name": "openSUSE-SU-2016:1552",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00014.html"
},
{
"name" : "USN-2993-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2993-1"
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-60.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-60.html"
},
{
"name" : "1036057",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036057"
"name": "USN-2993-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2993-1"
}
]
}

80
2016/6xxx/CVE-2016-6195.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6195",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6195",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016."
"lang": "eng",
"value": "SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via the postids parameter to forumrunner/request.php, as exploited in the wild in July 2016."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://enumerated.wordpress.com/2016/07/11/1/",
"refsource" : "MISC",
"url" : "https://enumerated.wordpress.com/2016/07/11/1/"
"name": "https://github.com/drewlong/vbully",
"refsource": "MISC",
"url": "https://github.com/drewlong/vbully"
},
{
"name" : "https://github.com/drewlong/vbully",
"refsource" : "MISC",
"url" : "https://github.com/drewlong/vbully"
"name": "http://www.vbulletin.org/forum/showthread.php?t=322848",
"refsource": "CONFIRM",
"url": "http://www.vbulletin.org/forum/showthread.php?t=322848"
},
{
"name" : "http://www.vbulletin.org/forum/showthread.php?t=322848",
"refsource" : "CONFIRM",
"url" : "http://www.vbulletin.org/forum/showthread.php?t=322848"
"name": "92687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92687"
},
{
"name" : "92687",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92687"
"name": "https://enumerated.wordpress.com/2016/07/11/1/",
"refsource": "MISC",
"url": "https://enumerated.wordpress.com/2016/07/11/1/"
}
]
}

70
2016/6xxx/CVE-2016-6725.json
View File

@ -1,69 +1,69 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-6725",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-6725",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.10"
"version_value": "Kernel-3.10"
},
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Android ID: A-30515053. References: Qualcomm QC-CR#1050970."
"lang": "eng",
"value": "A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05 could enable a remote attacker to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of remote code execution in the context of the kernel. Android ID: A-30515053. References: Qualcomm QC-CR#1050970."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote code execution"
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-11-01.html"
"name": "94182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94182"
},
{
"name" : "94182",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94182"
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
}
]
}

68
2016/6xxx/CVE-2016-6858.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6858",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6858",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Create Employee feature in Hybris Management Console (HMC) in SAP Hybris before 5.0.4.11, 5.1.0.x before 5.1.0.11, 5.1.1.x before 5.1.1.12, 5.2.0.x and 5.3.0.x before 5.3.0.10, 5.4.x before 5.4.0.9, 5.5.0.x before 5.5.0.9, 5.5.1.x before 5.5.1.10, 5.6.x before 5.6.0.8, and 5.7.x before 5.7.0.9 allows remote authenticated users to inject arbitrary web script or HTML via the Name field."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Create Employee feature in Hybris Management Console (HMC) in SAP Hybris before 5.0.4.11, 5.1.0.x before 5.1.0.11, 5.1.1.x before 5.1.1.12, 5.2.0.x and 5.3.0.x before 5.3.0.10, 5.4.x before 5.4.0.9, 5.5.0.x before 5.5.0.9, 5.5.1.x before 5.5.1.10, 5.6.x before 5.6.0.8, and 5.7.x before 5.7.0.9 allows remote authenticated users to inject arbitrary web script or HTML via the Name field."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-685X_SAP-Hybris_XSS.txt",
"refsource" : "MISC",
"url" : "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-685X_SAP-Hybris_XSS.txt"
"name": "93966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93966"
},
{
"name" : "93966",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93966"
"name": "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-685X_SAP-Hybris_XSS.txt",
"refsource": "MISC",
"url": "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CVE-2016-685X_SAP-Hybris_XSS.txt"
}
]
}

74
2016/6xxx/CVE-2016-6995.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6995",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-6995",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7008, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name" : "93496",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93496"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
},
{
"name" : "1036986",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036986"
"name": "93496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93496"
}
]
}

74
2016/7xxx/CVE-2016-7571.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7571",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7571",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Drupal 8.x before 8.1.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an HTTP exception."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Drupal 8.x before 8.1.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an HTTP exception."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.drupal.org/SA-CORE-2016-004",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/SA-CORE-2016-004"
"name": "https://www.drupal.org/SA-CORE-2016-004",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/SA-CORE-2016-004"
},
{
"name" : "93101",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93101"
"name": "93101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93101"
},
{
"name" : "1036886",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036886"
"name": "1036886",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036886"
}
]
}

74
2016/7xxx/CVE-2016-7783.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7783",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7783",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter."
"lang": "eng",
"value": "SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20161102 Disclose [10 * cve] in Exponent CMS",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/Nov/12"
"name": "http://packetstormsecurity.com/files/139484/Exponent-CMS-2.3.9-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/139484/Exponent-CMS-2.3.9-SQL-Injection.html"
},
{
"name" : "http://packetstormsecurity.com/files/139484/Exponent-CMS-2.3.9-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/139484/Exponent-CMS-2.3.9-SQL-Injection.html"
"name": "20161102 Disclose [10 * cve] in Exponent CMS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Nov/12"
},
{
"name" : "97212",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97212"
"name": "97212",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97212"
}
]
}

92
2017/5xxx/CVE-2017-5092.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-5092",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-5092",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Google Chrome prior to 60.0.3112.78 for Windows",
"version" : {
"version_data" : [
"product_name": "Google Chrome prior to 60.0.3112.78 for Windows",
"version": {
"version_data": [
{
"version_value" : "Google Chrome prior to 60.0.3112.78 for Windows"
"version_value": "Google Chrome prior to 60.0.3112.78 for Windows"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page."
"lang": "eng",
"value": "Insufficient validation of untrusted input in PPAPI Plugins in Google Chrome prior to 60.0.3112.78 for Windows allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Insufficient validation of untrusted input"
"lang": "eng",
"value": "Insufficient validation of untrusted input"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource" : "MISC",
"url" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
"name": "GLSA-201709-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-15"
},
{
"name" : "https://crbug.com/733549",
"refsource" : "MISC",
"url" : "https://crbug.com/733549"
"name": "DSA-3926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3926"
},
{
"name" : "DSA-3926",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3926"
"name": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html",
"refsource": "MISC",
"url": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html"
},
{
"name" : "GLSA-201709-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201709-15"
"name": "99950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99950"
},
{
"name" : "RHSA-2017:1833",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1833"
"name": "RHSA-2017:1833",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1833"
},
{
"name" : "99950",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99950"
"name": "https://crbug.com/733549",
"refsource": "MISC",
"url": "https://crbug.com/733549"
}
]
}

22
2017/5xxx/CVE-2017-5324.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5324",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5324",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/5xxx/CVE-2017-5903.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5903",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5903",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}