admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:24:25 +00:00
parent 7c9a34e400
commit ef58199ed8
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
50 changed files with 3211 additions and 3211 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2006/5xxx/CVE-2006-5124.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5124",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html",
"refsource" : "MISC",
"url" : "http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html"
},
{
"name" : "2451",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2451"
},
{
"name" : "20264",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20264"
},
{
"name" : "ADV-2006-3846",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3846"
},
{
"name" : "22178",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22178"
},
{
"name" : "phpmywebmin-window-file-include(29258)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29258"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "phpmywebmin-window-file-include(29258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29258"
},
{
"name": "ADV-2006-3846",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3846"
},
{
"name": "20264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20264"
},
{
"name": "2451",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2451"
},
{
"name": "22178",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22178"
},
{
"name": "http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html",
"refsource": "MISC",
"url": "http://kernel-32.blogspot.com/2006/09/php-mywebmin-10-remote-file-include.html"
}
]
}
}

160
2006/5xxx/CVE-2006-5429.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5429",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter in template.tpl.php in (1) templates/barrel/, (2) templates/sidebar/, (3) templates/text-only, (4) templates/slashdot/, (5) templates/penguin/, (6) templates/pda/, (7) templates/oerdec/, (8) templates/nifty/, (9) templates/mylook, and (10) templates/barry/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "2589",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2589"
},
{
"name" : "20594",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20594"
},
{
"name" : "ADV-2006-4086",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4086"
},
{
"name" : "22465",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22465"
},
{
"name" : "brim-renderer-file-include(29647)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29647"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Barry Nauta BRIM 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter in template.tpl.php in (1) templates/barrel/, (2) templates/sidebar/, (3) templates/text-only, (4) templates/slashdot/, (5) templates/penguin/, (6) templates/pda/, (7) templates/oerdec/, (8) templates/nifty/, (9) templates/mylook, and (10) templates/barry/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4086",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4086"
},
{
"name": "22465",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22465"
},
{
"name": "2589",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2589"
},
{
"name": "brim-renderer-file-include(29647)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29647"
},
{
"name": "20594",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20594"
}
]
}
}

210
2007/2xxx/CVE-2007-2538.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2538",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the executed_queries array parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070504 RunCms <= 1.5.2 debug_show.php sql injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/467665/100/0/threaded"
},
{
"name" : "3850",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3850"
},
{
"name" : "http://retrogod.altervista.org/runcms_152_sql.html",
"refsource" : "MISC",
"url" : "http://retrogod.altervista.org/runcms_152_sql.html"
},
{
"name" : "http://www.runcms.org/modules/news/",
"refsource" : "CONFIRM",
"url" : "http://www.runcms.org/modules/news/"
},
{
"name" : "23819",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23819"
},
{
"name" : "35782",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35782"
},
{
"name" : "ADV-2007-1669",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1669"
},
{
"name" : "25154",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25154"
},
{
"name" : "2671",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2671"
},
{
"name" : "runcms-debugshow-sql-injection(34075)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34075"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in class/debug/debug_show.php in RunCms 1.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the executed_queries array parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1669",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1669"
},
{
"name": "3850",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3850"
},
{
"name": "20070504 RunCms <= 1.5.2 debug_show.php sql injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467665/100/0/threaded"
},
{
"name": "2671",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2671"
},
{
"name": "http://retrogod.altervista.org/runcms_152_sql.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/runcms_152_sql.html"
},
{
"name": "25154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25154"
},
{
"name": "http://www.runcms.org/modules/news/",
"refsource": "CONFIRM",
"url": "http://www.runcms.org/modules/news/"
},
{
"name": "runcms-debugshow-sql-injection(34075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34075"
},
{
"name": "35782",
"refsource": "OSVDB",
"url": "http://osvdb.org/35782"
},
{
"name": "23819",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23819"
}
]
}
}

140
2007/2xxx/CVE-2007-2602.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2602",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070509 Multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/468070/100/0/threaded"
},
{
"name" : "36217",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36217"
},
{
"name" : "2708",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2708"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If there is not a common scenario under which MIBEXTRA.EXE is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36217",
"refsource": "OSVDB",
"url": "http://osvdb.org/36217"
},
{
"name": "20070509 Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468070/100/0/threaded"
},
{
"name": "2708",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2708"
}
]
}
}

550
2007/3xxx/CVE-2007-3736.json
View File

@ -1,277 +1,277 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3736",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script \"into another site's context\" via a \"timing issue\" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-3736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070720 rPSA-2007-0148-1 firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474226/100/0/threaded"
},
{
"name" : "20070724 FLEA-2007-0033-1: firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474542/100/0/threaded"
},
{
"name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-19.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-19.html"
},
{
"name" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt"
},
{
"name" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html"
},
{
"name" : "DSA-1337",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1337"
},
{
"name" : "DSA-1338",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1338"
},
{
"name" : "DSA-1339",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1339"
},
{
"name" : "GLSA-200708-09",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "MDKSA-2007:152",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152"
},
{
"name" : "RHSA-2007:0722",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0722.html"
},
{
"name" : "RHSA-2007:0723",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0723.html"
},
{
"name" : "RHSA-2007:0724",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0724.html"
},
{
"name" : "20070701-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name" : "103177",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1"
},
{
"name" : "201516",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1"
},
{
"name" : "SUSE-SA:2007:049",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html"
},
{
"name" : "USN-490-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-490-1"
},
{
"name" : "24946",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24946"
},
{
"name" : "oval:org.mitre.oval:def:11749",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11749"
},
{
"name" : "ADV-2007-2564",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2564"
},
{
"name" : "ADV-2007-4256",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4256"
},
{
"name" : "1018410",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018410"
},
{
"name" : "26095",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26095"
},
{
"name" : "26103",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26103"
},
{
"name" : "26106",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26106"
},
{
"name" : "26107",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26107"
},
{
"name" : "25589",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25589"
},
{
"name" : "26179",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26179"
},
{
"name" : "26149",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26149"
},
{
"name" : "26151",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26151"
},
{
"name" : "26072",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26072"
},
{
"name" : "26211",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26211"
},
{
"name" : "26216",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26216"
},
{
"name" : "26204",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26204"
},
{
"name" : "26205",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26205"
},
{
"name" : "26159",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26159"
},
{
"name" : "26271",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26271"
},
{
"name" : "26258",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26258"
},
{
"name" : "26460",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26460"
},
{
"name" : "28135",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28135"
},
{
"name" : "mozilla-addeventlistener-settimeout-xss(35462)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35462"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script \"into another site's context\" via a \"timing issue\" involving the (1) addEventListener or (2) setTimeout function, probably by setting events that activate after the context has changed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-490-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-490-1"
},
{
"name": "26107",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26107"
},
{
"name": "oval:org.mitre.oval:def:11749",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11749"
},
{
"name": "26179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26179"
},
{
"name": "ADV-2007-4256",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4256"
},
{
"name": "25589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25589"
},
{
"name": "1018410",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018410"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "MDKSA-2007:152",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152"
},
{
"name": "GLSA-200708-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml"
},
{
"name": "DSA-1339",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1339"
},
{
"name": "26151",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26151"
},
{
"name": "28135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28135"
},
{
"name": "26216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26216"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-19.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-19.html"
},
{
"name": "26103",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26103"
},
{
"name": "26072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26072"
},
{
"name": "26149",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26149"
},
{
"name": "103177",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1"
},
{
"name": "ADV-2007-2564",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2564"
},
{
"name": "DSA-1337",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1337"
},
{
"name": "26211",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26211"
},
{
"name": "26159",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26159"
},
{
"name": "SUSE-SA:2007:049",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html"
},
{
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "DSA-1338",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1338"
},
{
"name": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt"
},
{
"name": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html"
},
{
"name": "26095",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26095"
},
{
"name": "20070724 FLEA-2007-0033-1: firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474542/100/0/threaded"
},
{
"name": "26258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26258"
},
{
"name": "24946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24946"
},
{
"name": "26460",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26460"
},
{
"name": "26106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26106"
},
{
"name": "20070701-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc"
},
{
"name": "RHSA-2007:0724",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0724.html"
},
{
"name": "20070720 rPSA-2007-0148-1 firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474226/100/0/threaded"
},
{
"name": "RHSA-2007:0723",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0723.html"
},
{
"name": "mozilla-addeventlistener-settimeout-xss(35462)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35462"
},
{
"name": "26271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26271"
},
{
"name": "RHSA-2007:0722",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0722.html"
},
{
"name": "201516",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1"
},
{
"name": "26204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26204"
},
{
"name": "26205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26205"
}
]
}
}

230
2007/3xxx/CVE-2007-3856.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3856",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMP_SYS, aka DB04."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3856",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf",
"refsource" : "MISC",
"url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html"
},
{
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html",
"refsource" : "MISC",
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html"
},
{
"name" : "HPSBMA02133",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name" : "SSRT061201",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name" : "TA07-200A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-200A.html"
},
{
"name" : "ADV-2007-2562",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2562"
},
{
"name" : "ADV-2007-2635",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2635"
},
{
"name" : "1018415",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018415"
},
{
"name" : "26114",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26114"
},
{
"name" : "26166",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26166"
},
{
"name" : "oracle-cpu-july2007(35490)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMP_SYS, aka DB04."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name": "26114",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26114"
},
{
"name": "26166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26166"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html"
},
{
"name": "TA07-200A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-200A.html"
},
{
"name": "ADV-2007-2562",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2562"
},
{
"name": "ADV-2007-2635",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2635"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
},
{
"name": "oracle-cpu-july2007(35490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490"
},
{
"name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf",
"refsource": "MISC",
"url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf"
},
{
"name": "1018415",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018415"
},
{
"name": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html"
}
]
}
}

130
2007/6xxx/CVE-2007-6186.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6186",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involving a \"minor security bug in repair & optimize database.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.phpdevshell.org/changelog",
"refsource" : "CONFIRM",
"url" : "http://www.phpdevshell.org/changelog"
},
{
"name" : "phpdevshell-database-unspecified(38803)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38803"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involving a \"minor security bug in repair & optimize database.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.phpdevshell.org/changelog",
"refsource": "CONFIRM",
"url": "http://www.phpdevshell.org/changelog"
},
{
"name": "phpdevshell-database-unspecified(38803)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38803"
}
]
}
}

170
2007/6xxx/CVE-2007-6202.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6202",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4678",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4678"
},
{
"name" : "http://www.neocrome.net/page.php?id=2349",
"refsource" : "CONFIRM",
"url" : "http://www.neocrome.net/page.php?id=2349"
},
{
"name" : "26655",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26655"
},
{
"name" : "38924",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38924"
},
{
"name" : "27881",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27881"
},
{
"name" : "seditio-pagsub-sql-injection(38774)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38774"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in plugins/search/search.php in Neocrome Seditio CMS 121 and earlier allows remote attackers to execute arbitrary SQL commands via the pag_sub[] parameter to plug.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.neocrome.net/page.php?id=2349",
"refsource": "CONFIRM",
"url": "http://www.neocrome.net/page.php?id=2349"
},
{
"name": "4678",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4678"
},
{
"name": "38924",
"refsource": "OSVDB",
"url": "http://osvdb.org/38924"
},
{
"name": "26655",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26655"
},
{
"name": "27881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27881"
},
{
"name": "seditio-pagsub-sql-injection(38774)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38774"
}
]
}
}

160
2007/6xxx/CVE-2007-6252.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6252",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-6252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "VU#524857",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/524857"
},
{
"name" : "28058",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/28058"
},
{
"name" : "ADV-2008-0733",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0733"
},
{
"name" : "29195",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29195"
},
{
"name" : "learn2-strunner-activex-bo(40973)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/40973"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the Learn2 Corporation STRunner (aka Street Technologies) ActiveX control in iestm32.dll allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#524857",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/524857"
},
{
"name": "28058",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28058"
},
{
"name": "29195",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29195"
},
{
"name": "ADV-2008-0733",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0733"
},
{
"name": "learn2-strunner-activex-bo(40973)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40973"
}
]
}
}

150
2007/6xxx/CVE-2007-6290.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6290",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4696",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4696"
},
{
"name" : "26747",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26747"
},
{
"name" : "39220",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39220"
},
{
"name" : "serweb-getjs-file-include(38907)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38907"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in js/get_js.php in SERWeb 2.0.0 dev1 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) mod and (2) js parameters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26747",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26747"
},
{
"name": "39220",
"refsource": "OSVDB",
"url": "http://osvdb.org/39220"
},
{
"name": "4696",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4696"
},
{
"name": "serweb-getjs-file-include(38907)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38907"
}
]
}
}

34
2010/0xxx/CVE-2010-0061.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0061",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0061",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2010/0xxx/CVE-2010-0141.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0141",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100127 Multiple Vulnerabilities in Cisco Unified MeetingPlace",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml"
},
{
"name" : "37965",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/37965"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100127 Multiple Vulnerabilities in Cisco Unified MeetingPlace",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml"
},
{
"name": "37965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37965"
}
]
}
}

160
2010/0xxx/CVE-2010-0673.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0673",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/1002-exploits/wpcopperleaf-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1002-exploits/wpcopperleaf-sql.txt"
},
{
"name" : "11458",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/11458"
},
{
"name" : "38239",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38239"
},
{
"name" : "62346",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/62346"
},
{
"name" : "38579",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38579"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly earlier, for WordPress allows remote attackers to execute arbitrary SQL commands via the postid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "62346",
"refsource": "OSVDB",
"url": "http://osvdb.org/62346"
},
{
"name": "11458",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11458"
},
{
"name": "http://packetstormsecurity.org/1002-exploits/wpcopperleaf-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1002-exploits/wpcopperleaf-sql.txt"
},
{
"name": "38579",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38579"
},
{
"name": "38239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38239"
}
]
}
}

160
2010/1xxx/CVE-2010-1015.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1015",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1015",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://typo3.org/extensions/repository/view/sav_filter_abc/1.0.9/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/sav_filter_abc/1.0.9/"
},
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
},
{
"name" : "38801",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38801"
},
{
"name" : "63033",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/63033"
},
{
"name" : "38995",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38995"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/extensions/repository/view/sav_filter_abc/1.0.9/",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/sav_filter_abc/1.0.9/"
},
{
"name": "38995",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38995"
},
{
"name": "63033",
"refsource": "OSVDB",
"url": "http://osvdb.org/63033"
},
{
"name": "38801",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38801"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
}
]
}
}

120
2010/1xxx/CVE-2010-1051.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1051",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1051",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "38494",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38494"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) month parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38494",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38494"
}
]
}
}

140
2010/1xxx/CVE-2010-1221.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1221",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20100406 CA20100406-01: Security Notice for CA XOsoft",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/510564/100/0/threaded"
},
{
"name" : "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869",
"refsource" : "CONFIRM",
"url" : "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869"
},
{
"name" : "39244",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39244"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20100406 CA20100406-01: Security Notice for CA XOsoft",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510564/100/0/threaded"
},
{
"name": "39244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39244"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869"
}
]
}
}

120
2010/1xxx/CVE-2010-1854.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1854",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be resultant from CVE-2010-1855."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1854",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "39059",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39059"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote attackers to inject arbitrary web script or HTML via the id_auk parameter, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might be resultant from CVE-2010-1855."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39059",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39059"
}
]
}
}

160
2010/5xxx/CVE-2010-5187.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5187",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1, when running on servers with certain configurations, allows remote attackers to obtain sensitive information via a direct request to PHP files in the (1) sapphire, (2) cms, or (3) mysite folders, which reveals the installation path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/1"
},
{
"name" : "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/3"
},
{
"name" : "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/01/3"
},
{
"name" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.8",
"refsource" : "CONFIRM",
"url" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.8"
},
{
"name" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1",
"refsource" : "CONFIRM",
"url" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1, when running on servers with certain configurations, allows remote attackers to obtain sensitive information via a direct request to PHP files in the (1) sapphire, (2) cms, or (3) mysite folders, which reveals the installation path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/01/3"
},
{
"name": "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/1"
},
{
"name": "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/3"
},
{
"name": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1"
},
{
"name": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.8",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.8"
}
]
}
}

34
2014/0xxx/CVE-2014-0048.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0048",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0048",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

170
2014/0xxx/CVE-2014-0280.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0280",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-0280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS14-010",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010"
},
{
"name" : "65380",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65380"
},
{
"name" : "103179",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/103179"
},
{
"name" : "1029741",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029741"
},
{
"name" : "56796",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56796"
},
{
"name" : "ms-ie-cve20140280-code-exec(90770)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90770"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS14-010",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010"
},
{
"name": "103179",
"refsource": "OSVDB",
"url": "http://osvdb.org/103179"
},
{
"name": "ms-ie-cve20140280-code-exec(90770)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90770"
},
{
"name": "1029741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029741"
},
{
"name": "56796",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56796"
},
{
"name": "65380",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65380"
}
]
}
}

34
2014/0xxx/CVE-2014-0903.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0903",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0903",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2014/1xxx/CVE-2014-1222.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1222",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in kcfinder/browse.php in Vtiger CRM before 6.0.0 Security patch 1 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter in a download action. NOTE: it is likely that this issue is actually in the KCFinder third-party component, and it affects additional products besides Vtiger CRM."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20140312 CVE-2014-1222 - Local File Inclusion in Vtiger CRM",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/531423/100/0/threaded"
},
{
"name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1222/",
"refsource" : "MISC",
"url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1222/"
},
{
"name" : "http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%206.0.0/Add-ons/vtigercrm-600-security-patch1.zip/download",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%206.0.0/Add-ons/vtigercrm-600-security-patch1.zip/download"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in kcfinder/browse.php in Vtiger CRM before 6.0.0 Security patch 1 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter in a download action. NOTE: it is likely that this issue is actually in the KCFinder third-party component, and it affects additional products besides Vtiger CRM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1222/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1222/"
},
{
"name": "20140312 CVE-2014-1222 - Local File Inclusion in Vtiger CRM",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531423/100/0/threaded"
},
{
"name": "http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%206.0.0/Add-ons/vtigercrm-600-security-patch1.zip/download",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%206.0.0/Add-ons/vtigercrm-600-security-patch1.zip/download"
}
]
}
}

120
2014/1xxx/CVE-2014-1274.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1274",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive FaceTime contact information by using the lock screen for an invalid FaceTime call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-1274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.apple.com/kb/HT6162",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6162"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive FaceTime contact information by using the lock screen for an invalid FaceTime call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT6162",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6162"
}
]
}
}

160
2014/1xxx/CVE-2014-1377.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1377",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2014-1377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://code.google.com/p/google-security-research/issues/detail?id=17",
"refsource" : "MISC",
"url" : "https://code.google.com/p/google-security-research/issues/detail?id=17"
},
{
"name" : "http://support.apple.com/kb/HT6296",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT6296"
},
{
"name" : "APPLE-SA-2014-06-30-2",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html"
},
{
"name" : "1030505",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030505"
},
{
"name" : "59475",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59475"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT6296",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6296"
},
{
"name": "1030505",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030505"
},
{
"name": "APPLE-SA-2014-06-30-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html"
},
{
"name": "https://code.google.com/p/google-security-research/issues/detail?id=17",
"refsource": "MISC",
"url": "https://code.google.com/p/google-security-research/issues/detail?id=17"
},
{
"name": "59475",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59475"
}
]
}
}

140
2014/1xxx/CVE-2014-1791.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1791",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-1791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS14-035",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
},
{
"name" : "67884",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67884"
},
{
"name" : "1030370",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030370"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030370"
},
{
"name": "MS14-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
},
{
"name": "67884",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67884"
}
]
}
}

140
2014/4xxx/CVE-2014-4524.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4524",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in classes/custom-image/media.php in the WP Easy Post Types plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ref parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4524",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://codevigilant.com/disclosure/wp-plugin-easy-post-types-a3-cross-site-scripting-xss",
"refsource" : "MISC",
"url" : "http://codevigilant.com/disclosure/wp-plugin-easy-post-types-a3-cross-site-scripting-xss"
},
{
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=842687%40easy-post-types&old=806912%40easy-post-types&sfp_email=&sfph_mail=",
"refsource" : "MISC",
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=842687%40easy-post-types&old=806912%40easy-post-types&sfp_email=&sfph_mail="
},
{
"name" : "http://wordpress.org/plugins/easy-post-types/changelog",
"refsource" : "CONFIRM",
"url" : "http://wordpress.org/plugins/easy-post-types/changelog"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in classes/custom-image/media.php in the WP Easy Post Types plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ref parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wordpress.org/plugins/easy-post-types/changelog",
"refsource": "CONFIRM",
"url": "http://wordpress.org/plugins/easy-post-types/changelog"
},
{
"name": "http://codevigilant.com/disclosure/wp-plugin-easy-post-types-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-easy-post-types-a3-cross-site-scripting-xss"
},
{
"name": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=842687%40easy-post-types&old=806912%40easy-post-types&sfp_email=&sfph_mail=",
"refsource": "MISC",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=842687%40easy-post-types&old=806912%40easy-post-types&sfp_email=&sfph_mail="
}
]
}
}

160
2014/4xxx/CVE-2014-4746.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4746",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote attackers to map the intranet network via a series of requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680230",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680230"
},
{
"name" : "PI21858",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI21858"
},
{
"name" : "1030669",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030669"
},
{
"name" : "60612",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60612"
},
{
"name" : "ibm-websphere-cve20144746-info-disc(94348)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94348"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere Portal 8.0.0 before 8.0.0.1 CF13 and 8.5.0 through CF01 provides different error codes for firewall-traversal requests depending on whether the intranet host exists, which allows remote attackers to map the intranet network via a series of requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680230",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680230"
},
{
"name": "60612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60612"
},
{
"name": "PI21858",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI21858"
},
{
"name": "ibm-websphere-cve20144746-info-disc(94348)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94348"
},
{
"name": "1030669",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030669"
}
]
}
}

140
2014/5xxx/CVE-2014-5534.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5534",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Princess Shopping (aka air.android.PrincessShopping) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5534",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#991961",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/991961"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Princess Shopping (aka air.android.PrincessShopping) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#991961",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/991961"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5567.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5567",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The hasb_e_haal (aka com.anawaz.hasb_e_haal) application 1.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5567",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#768001",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/768001"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The hasb_e_haal (aka com.anawaz.hasb_e_haal) application 1.0.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#768001",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/768001"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5755.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5755",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The verizon (aka com.wverizonwirelessbill) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5755",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#820537",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/820537"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The verizon (aka com.wverizonwirelessbill) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#820537",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/820537"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

160
2016/10xxx/CVE-2016-10192.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10192",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20170201 CVE Request: ffmpeg remote exploitaion results code execution",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/31/12"
},
{
"name" : "[oss-security] 20170202 Re: CVE Request: ffmpeg remote exploitaion results code execution",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/02/02/1"
},
{
"name" : "https://ffmpeg.org/security.html",
"refsource" : "CONFIRM",
"url" : "https://ffmpeg.org/security.html"
},
{
"name" : "https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156",
"refsource" : "CONFIRM",
"url" : "https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156"
},
{
"name" : "95991",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95991"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95991"
},
{
"name": "https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156",
"refsource": "CONFIRM",
"url": "https://github.com/FFmpeg/FFmpeg/commit/a5d25faa3f4b18dac737fdb35d0dd68eb0dc2156"
},
{
"name": "[oss-security] 20170201 CVE Request: ffmpeg remote exploitaion results code execution",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/12"
},
{
"name": "[oss-security] 20170202 Re: CVE Request: ffmpeg remote exploitaion results code execution",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/02/02/1"
},
{
"name": "https://ffmpeg.org/security.html",
"refsource": "CONFIRM",
"url": "https://ffmpeg.org/security.html"
}
]
}
}

140
2016/3xxx/CVE-2016-3270.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3270",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-120",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-120"
},
{
"name" : "93403",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93403"
},
{
"name" : "1036988",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036988"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Graphics component in the kernel in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036988",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036988"
},
{
"name": "93403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93403"
},
{
"name": "MS16-120",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-120"
}
]
}
}

150
2016/3xxx/CVE-2016-3528.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3528",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect availability via vectors related to Expenses Admin Utilities."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91865",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91865"
},
{
"name" : "1036403",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036403"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Internet Expenses component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect availability via vectors related to Expenses Admin Utilities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "91865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91865"
},
{
"name": "1036403",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036403"
}
]
}
}

150
2016/3xxx/CVE-2016-3547.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3547",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle One-to-One Fulfillment component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Content Manager."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91893",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91893"
},
{
"name" : "1036403",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036403"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle One-to-One Fulfillment component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality via vectors related to Content Manager."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91893",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91893"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "1036403",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036403"
}
]
}
}

150
2016/3xxx/CVE-2016-3613.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3613",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, and 5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to OpenSSL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91856",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91856"
},
{
"name" : "1036391",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036391"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, and 5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to OpenSSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "1036391",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036391"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "91856",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91856"
}
]
}
}

34
2016/7xxx/CVE-2016-7304.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7304",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7304",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

34
2016/8xxx/CVE-2016-8098.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8098",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8098",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

34
2016/8xxx/CVE-2016-8139.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8139",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8139",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2016/8xxx/CVE-2016-8403.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-8403",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Kernel-3.10"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31495348."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-8403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Kernel-3.10"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name" : "94686",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94686"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31495348."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name": "94686",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94686"
}
]
}
}

130
2016/8xxx/CVE-2016-8598.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8598",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/GomSpace/libcsp/pull/80",
"refsource" : "MISC",
"url" : "https://github.com/GomSpace/libcsp/pull/80"
},
{
"name" : "94226",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94226"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/GomSpace/libcsp/pull/80",
"refsource": "MISC",
"url": "https://github.com/GomSpace/libcsp/pull/80"
},
{
"name": "94226",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94226"
}
]
}
}

130
2016/9xxx/CVE-2016-9139.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9139",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2016-9139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.otrs.com/security-advisory-2016-02-security-update-otrs/",
"refsource" : "CONFIRM",
"url" : "https://www.otrs.com/security-advisory-2016-02-security-update-otrs/"
},
{
"name" : "94141",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94141"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) 3.3.x before 3.3.16, 4.0.x before 4.0.19, and 5.0.x before 5.0.14 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94141",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94141"
},
{
"name": "https://www.otrs.com/security-advisory-2016-02-security-update-otrs/",
"refsource": "CONFIRM",
"url": "https://www.otrs.com/security-advisory-2016-02-security-update-otrs/"
}
]
}
}

180
2016/9xxx/CVE-2016-9394.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9394",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20161117 Re: jasper: multiple assertion failures",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/17/1"
},
{
"name" : "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure",
"refsource" : "MISC",
"url" : "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1396975",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1396975"
},
{
"name" : "https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330",
"refsource" : "CONFIRM",
"url" : "https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330"
},
{
"name" : "RHSA-2017:1208",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1208"
},
{
"name" : "USN-3693-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3693-1/"
},
{
"name" : "94372",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94372"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94372",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94372"
},
{
"name": "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure"
},
{
"name": "https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330",
"refsource": "CONFIRM",
"url": "https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330"
},
{
"name": "RHSA-2017:1208",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1208"
},
{
"name": "[oss-security] 20161117 Re: jasper: multiple assertion failures",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/17/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1396975",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396975"
},
{
"name": "USN-3693-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3693-1/"
}
]
}
}

150
2016/9xxx/CVE-2016-9404.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9404",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors related to login."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9404",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8"
},
{
"name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1"
},
{
"name" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/",
"refsource" : "CONFIRM",
"url" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/"
},
{
"name" : "94395",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94395"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 might allow remote attackers to inject arbitrary web script or HTML via vectors related to login."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94395"
},
{
"name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/1"
},
{
"name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/10/8"
},
{
"name": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/",
"refsource": "CONFIRM",
"url": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/"
}
]
}
}

34
2019/2xxx/CVE-2019-2067.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2067",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2067",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2243.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2243",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2243",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2703.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2703",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2703",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2951.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2951",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2951",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6030.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6030",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6030",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6366.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6366",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6366",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6755.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6755",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6755",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}