admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:03:12 +00:00
parent 6db8dc5b69
commit f5bc750717
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 4237 additions and 4239 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
2001/0xxx/CVE-2001-0139.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0139", "ID": "CVE-2001-0139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations." "value": "inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010110 Immunix OS Security update for lots of temp file problems", "name": "20010110 Immunix OS Security update for lots of temp file problems",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=97916374410647&w=2" "url": "http://marc.info/?l=bugtraq&m=97916374410647&w=2"
}, },
{ {
"name" : "MDKSA-2001:010", "name": "linux-inn-symlink(5916)",
"refsource" : "MANDRAKE", "refsource": "XF",
"url" : "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916"
}, },
{ {
"name" : "CSSA-2001-001.0", "name": "MDKSA-2001:010",
"refsource" : "CALDERA", "refsource": "MANDRAKE",
"url" : "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt" "url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3"
}, },
{ {
"name" : "linux-inn-symlink(5916)", "name": "2190",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5916" "url": "http://www.securityfocus.com/bid/2190"
}, },
{ {
"name" : "2190", "name": "CSSA-2001-001.0",
"refsource" : "BID", "refsource": "CALDERA",
"url" : "http://www.securityfocus.com/bid/2190" "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt"
} }
] ]
} }

80
2001/1xxx/CVE-2001-1406.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1406", "ID": "CVE-2001-1406",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "process_bug.cgi in Bugzilla before 2.14 does not set the \"groupset\" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent." "value": "process_bug.cgi in Bugzilla before 2.14 does not set the \"groupset\" bit when a bug is moved between product groups, which will cause the bug to have the old group's restrictions, which might not be as stringent."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20010829 Security Advisory for Bugzilla v2.13 and older", "name": "20010829 Security Advisory for Bugzilla v2.13 and older",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=99912899900567" "url": "http://marc.info/?l=bugtraq&m=99912899900567"
}, },
{ {
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=66235", "name": "RHSA-2001:107",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=66235" "url": "http://www.redhat.com/support/errata/RHSA-2001-107.html"
}, },
{ {
"name" : "RHSA-2001:107", "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=66235",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://www.redhat.com/support/errata/RHSA-2001-107.html" "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=66235"
}, },
{ {
"name" : "bugzilla-processbug-old-restrictions(10478)", "name": "bugzilla-processbug-old-restrictions(10478)",
"refsource" : "XF", "refsource": "XF",
"url" : "http://www.iss.net/security_center/static/10478.php" "url": "http://www.iss.net/security_center/static/10478.php"
} }
] ]
} }

74
2001/1xxx/CVE-2001-1479.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1479", "ID": "CVE-2001-1479",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary files via a symlink attack on /tmp/smc$SMC_PORT." "value": "smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary files via a symlink attack on /tmp/smc$SMC_PORT."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.securiteam.com/unixfocus/6K00S203FC.html", "name": "http://www.securiteam.com/unixfocus/6K00S203FC.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.securiteam.com/unixfocus/6K00S203FC.html" "url": "http://www.securiteam.com/unixfocus/6K00S203FC.html"
}, },
{ {
"name" : "sun-smcboot-tmp-symlink(7756)", "name": "sun-smcboot-tmp-symlink(7756)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7756" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7756"
}, },
{ {
"name" : "3763", "name": "3763",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/3763" "url": "http://www.securityfocus.com/bid/3763"
} }
] ]
} }

92
2006/2xxx/CVE-2006-2033.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2033", "ID": "CVE-2006-2033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same primary issue." "value": "PHP remote file inclusion vulnerability in Core CoreNews 2.0.1 and earlier allows remote authenticated users to execute arbitrary commands via the show parameter. NOTE: this is a different vector than CVE-2006-1212, although it might be the same primary issue."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060421 Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities.", "name": "corenews-index-file-include(25979)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/431761/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25979"
}, },
{ {
"name" : "20060421 Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities.", "name": "20060421 Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities.",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045372.html" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045372.html"
}, },
{ {
"name" : "http://www.nukedx.com/?getxpl=24", "name": "http://www.nukedx.com/?getxpl=24",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.nukedx.com/?getxpl=24" "url": "http://www.nukedx.com/?getxpl=24"
}, },
{ {
"name" : "17655", "name": "797",
"refsource" : "BID", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/bid/17655" "url": "http://securityreason.com/securityalert/797"
}, },
{ {
"name" : "797", "name": "20060421 Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities.",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/797" "url": "http://www.securityfocus.com/archive/1/431761/100/0/threaded"
}, },
{ {
"name" : "corenews-index-file-include(25979)", "name": "17655",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25979" "url": "http://www.securityfocus.com/bid/17655"
} }
] ]
} }

86
2006/2xxx/CVE-2006-2359.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2359", "ID": "CVE-2006-2359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection." "value": "Cross-site scripting (XSS) vulnerability in charts.php in the Chart mod for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060511 phpBB \"charts.php\" XSS and SQL-Injection", "name": "20060516 Re: phpBB \"charts.php\" XSS and SQL-Injection",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/433715/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/434461/100/0/threaded"
}, },
{ {
"name" : "20060512 Re: phpBB \"charts.php\" XSS and SQL-Injection", "name": "20060512 Re: phpBB \"charts.php\" XSS and SQL-Injection",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/433848/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/433848/100/0/threaded"
}, },
{ {
"name" : "20060516 Re: phpBB \"charts.php\" XSS and SQL-Injection", "name": "17952",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/434461/100/0/threaded" "url": "http://www.securityfocus.com/bid/17952"
}, },
{ {
"name" : "17952", "name": "phpbb-charts-xss(26414)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/17952" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26414"
}, },
{ {
"name" : "phpbb-charts-xss(26414)", "name": "20060511 phpBB \"charts.php\" XSS and SQL-Injection",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26414" "url": "http://www.securityfocus.com/archive/1/433715/100/0/threaded"
} }
] ]
} }

146
2006/2xxx/CVE-2006-2370.json
View File

@ -1,131 +1,131 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2006-2370", "ID": "CVE-2006-2370",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted \"RPC related requests,\" aka the \"RRAS Memory Corruption Vulnerability.\"" "value": "Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted \"RPC related requests,\" aka the \"RRAS Memory Corruption Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS06-025", "name": "win-rras-bo(26812)",
"refsource" : "MS", "refsource": "XF",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-025" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26812"
}, },
{ {
"name" : "TA06-164A", "name": "MS06-025",
"refsource" : "CERT", "refsource": "MS",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-164A.html" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-025"
}, },
{ {
"name" : "VU#631516", "name": "oval:org.mitre.oval:def:1720",
"refsource" : "CERT-VN", "refsource": "OVAL",
"url" : "http://www.kb.cert.org/vuls/id/631516" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1720"
}, },
{ {
"name" : "18325", "name": "oval:org.mitre.oval:def:1587",
"refsource" : "BID", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/bid/18325" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1587"
}, },
{ {
"name" : "ADV-2006-2323", "name": "oval:org.mitre.oval:def:1936",
"refsource" : "VUPEN", "refsource": "OVAL",
"url" : "http://www.vupen.com/english/advisories/2006/2323" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1936"
}, },
{ {
"name" : "26437", "name": "ADV-2006-2323",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/26437" "url": "http://www.vupen.com/english/advisories/2006/2323"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1587", "name": "TA06-164A",
"refsource" : "OVAL", "refsource": "CERT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1587" "url": "http://www.us-cert.gov/cas/techalerts/TA06-164A.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1720", "name": "oval:org.mitre.oval:def:1741",
"refsource" : "OVAL", "refsource": "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1720" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1741"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1741", "name": "26437",
"refsource" : "OVAL", "refsource": "OSVDB",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1741" "url": "http://www.osvdb.org/26437"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1823", "name": "1016285",
"refsource" : "OVAL", "refsource": "SECTRACK",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1823" "url": "http://securitytracker.com/id?1016285"
}, },
{ {
"name" : "oval:org.mitre.oval:def:1936", "name": "VU#631516",
"refsource" : "OVAL", "refsource": "CERT-VN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1936" "url": "http://www.kb.cert.org/vuls/id/631516"
}, },
{ {
"name" : "oval:org.mitre.oval:def:2061", "name": "20630",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2061" "url": "http://secunia.com/advisories/20630"
}, },
{ {
"name" : "1016285", "name": "18325",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1016285" "url": "http://www.securityfocus.com/bid/18325"
}, },
{ {
"name" : "20630", "name": "oval:org.mitre.oval:def:2061",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/20630" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2061"
}, },
{ {
"name" : "win-rras-bo(26812)", "name": "oval:org.mitre.oval:def:1823",
"refsource" : "XF", "refsource": "OVAL",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26812" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1823"
} }
] ]
} }

98
2006/2xxx/CVE-2006-2688.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2688", "ID": "CVE-2006-2688",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the employees node (class.employee.inc) in Achievo 1.1.0 and earlier and 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the atkselector parameter." "value": "SQL injection vulnerability in the employees node (class.employee.inc) in Achievo 1.1.0 and earlier and 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the atkselector parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.achievo.org/download/releasenotes/1_2_1", "name": "ADV-2006-2053",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www.achievo.org/download/releasenotes/1_2_1" "url": "http://www.vupen.com/english/advisories/2006/2053"
}, },
{ {
"name" : "http://bugzilla.achievo.org/show_bug.cgi?id=624", "name": "achievo-atkselector-sql-injection(26755)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://bugzilla.achievo.org/show_bug.cgi?id=624" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26755"
}, },
{ {
"name" : "18171", "name": "http://www.achievo.org/download/releasenotes/1_2_1",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/18171" "url": "http://www.achievo.org/download/releasenotes/1_2_1"
}, },
{ {
"name" : "ADV-2006-2053", "name": "25811",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2006/2053" "url": "http://www.osvdb.org/25811"
}, },
{ {
"name" : "25811", "name": "http://bugzilla.achievo.org/show_bug.cgi?id=624",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/25811" "url": "http://bugzilla.achievo.org/show_bug.cgi?id=624"
}, },
{ {
"name" : "20327", "name": "20327",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/20327" "url": "http://secunia.com/advisories/20327"
}, },
{ {
"name" : "achievo-atkselector-sql-injection(26755)", "name": "18171",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26755" "url": "http://www.securityfocus.com/bid/18171"
} }
] ]
} }

176
2006/2xxx/CVE-2006-2842.json
View File

@ -1,156 +1,156 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2842", "ID": "CVE-2006-2842",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable." "value": "** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060601 Squirrelmail local file inclusion", "name": "SUSE-SR:2006:017",
"refsource" : "BUGTRAQ", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/archive/1/435605/100/0/threaded" "url": "http://www.novell.com/linux/security/advisories/2006_17_sr.html"
}, },
{ {
"name" : "http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE", "name": "ADV-2007-2732",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE" "url": "http://www.vupen.com/english/advisories/2007/2732"
}, },
{ {
"name" : "http://www.squirrelmail.org/security/issue/2006-06-01", "name": "18231",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.squirrelmail.org/security/issue/2006-06-01" "url": "http://www.securityfocus.com/bid/18231"
}, },
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=306172", "name": "APPLE-SA-2007-07-31",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://docs.info.apple.com/article.html?artnum=306172" "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
}, },
{ {
"name" : "APPLE-SA-2007-07-31", "name": "http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" "url": "http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE"
}, },
{ {
"name" : "MDKSA-2006:101", "name": "20060601 Squirrelmail local file inclusion",
"refsource" : "MANDRIVA", "refsource": "BUGTRAQ",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:101" "url": "http://www.securityfocus.com/archive/1/435605/100/0/threaded"
}, },
{ {
"name" : "RHSA-2006:0547", "name": "21262",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0547.html" "url": "http://secunia.com/advisories/21262"
}, },
{ {
"name" : "20060703-01-P", "name": "RHSA-2006:0547",
"refsource" : "SGI", "refsource": "REDHAT",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" "url": "http://www.redhat.com/support/errata/RHSA-2006-0547.html"
}, },
{ {
"name" : "SUSE-SR:2006:017", "name": "20406",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://www.novell.com/linux/security/advisories/2006_17_sr.html" "url": "http://secunia.com/advisories/20406"
}, },
{ {
"name" : "18231", "name": "1016209",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/18231" "url": "http://securitytracker.com/id?1016209"
}, },
{ {
"name" : "25159", "name": "http://www.squirrelmail.org/security/issue/2006-06-01",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/25159" "url": "http://www.squirrelmail.org/security/issue/2006-06-01"
}, },
{ {
"name" : "oval:org.mitre.oval:def:11670", "name": "ADV-2006-2101",
"refsource" : "OVAL", "refsource": "VUPEN",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11670" "url": "http://www.vupen.com/english/advisories/2006/2101"
}, },
{ {
"name" : "ADV-2006-2101", "name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2006/2101" "url": "http://docs.info.apple.com/article.html?artnum=306172"
}, },
{ {
"name" : "ADV-2007-2732", "name": "21159",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/2732" "url": "http://secunia.com/advisories/21159"
}, },
{ {
"name" : "1016209", "name": "25159",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1016209" "url": "http://www.securityfocus.com/bid/25159"
}, },
{ {
"name" : "20406", "name": "MDKSA-2006:101",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/20406" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:101"
}, },
{ {
"name" : "20931", "name": "20060703-01-P",
"refsource" : "SECUNIA", "refsource": "SGI",
"url" : "http://secunia.com/advisories/20931" "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
}, },
{ {
"name" : "21159", "name": "oval:org.mitre.oval:def:11670",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/21159" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11670"
}, },
{ {
"name" : "21262", "name": "26235",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/21262" "url": "http://secunia.com/advisories/26235"
}, },
{ {
"name" : "26235", "name": "20931",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/26235" "url": "http://secunia.com/advisories/20931"
} }
] ]
} }

110
2006/3xxx/CVE-2006-3454.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3454", "ID": "CVE-2006-3454",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages." "value": "Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060914 Layered Defense Advisory :Symantec AntiVirus Corporate Edition Format String Vulnerability", "name": "1016842",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/archive/1/446041/100/0/threaded" "url": "http://securitytracker.com/id?1016842"
}, },
{ {
"name" : "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition", "name": "symantecantivirus-messages-code-execution(28936)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/446293/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28936"
}, },
{ {
"name" : "http://layereddefense.com/SAV13SEPT.html", "name": "20060914 Layered Defense Advisory :Symantec AntiVirus Corporate Edition Format String Vulnerability",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://layereddefense.com/SAV13SEPT.html" "url": "http://www.securityfocus.com/archive/1/446041/100/0/threaded"
}, },
{ {
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html", "name": "http://layereddefense.com/SAV13SEPT.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html" "url": "http://layereddefense.com/SAV13SEPT.html"
}, },
{ {
"name" : "19986", "name": "19986",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/19986" "url": "http://www.securityfocus.com/bid/19986"
}, },
{ {
"name" : "ADV-2006-3599", "name": "21884",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/3599" "url": "http://secunia.com/advisories/21884"
}, },
{ {
"name" : "1016842", "name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1016842" "url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html"
}, },
{ {
"name" : "21884", "name": "ADV-2006-3599",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/21884" "url": "http://www.vupen.com/english/advisories/2006/3599"
}, },
{ {
"name" : "symantecantivirus-messages-code-execution(28936)", "name": "20060918 Symantec Security Advisory: Symantec AntiVirus Corporate Edition",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28936" "url": "http://www.securityfocus.com/archive/1/446293/100/0/threaded"
} }
] ]
} }

80
2006/6xxx/CVE-2006-6307.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6307", "ID": "CVE-2006-6307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary." "value": "srvloc.sys in Novell Client for Windows before 4.91 SP3 allows remote attackers to cause an unspecified denial of service via a crafted packet to port 427 that triggers an access of pageable or invalid addresses using a higher interrupt request level (IRQL) than necessary."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html", "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html" "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/859/3480790_f.SAL_Public.html"
}, },
{ {
"name" : "21430", "name": "ADV-2006-4840",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/21430" "url": "http://www.vupen.com/english/advisories/2006/4840"
}, },
{ {
"name" : "ADV-2006-4840", "name": "21430",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/4840" "url": "http://www.securityfocus.com/bid/21430"
}, },
{ {
"name" : "23244", "name": "23244",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/23244" "url": "http://secunia.com/advisories/23244"
} }
] ]
} }

86
2006/6xxx/CVE-2006-6450.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6450", "ID": "CVE-2006-6450",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters." "value": "Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html", "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html" "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html"
}, },
{ {
"name" : "21473", "name": "zenworks-pmgmt-downloadreport-sql-injection(30768)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/21473" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30768"
}, },
{ {
"name" : "ADV-2006-4864", "name": "ADV-2006-4864",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4864" "url": "http://www.vupen.com/english/advisories/2006/4864"
}, },
{ {
"name" : "23243", "name": "21473",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/23243" "url": "http://www.securityfocus.com/bid/21473"
}, },
{ {
"name" : "zenworks-pmgmt-downloadreport-sql-injection(30768)", "name": "23243",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30768" "url": "http://secunia.com/advisories/23243"
} }
] ]
} }

86
2006/6xxx/CVE-2006-6587.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6587", "ID": "CVE-2006-6587",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message." "value": "Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061209 (no subject)", "name": "1017360",
"refsource" : "FULLDISC", "refsource": "SECTRACK",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0177.html" "url": "http://securitytracker.com/id?1017360"
}, },
{ {
"name" : "https://issues.apache.org/jira/browse/OFBIZ-178", "name": "20061209 (no subject)",
"refsource" : "CONFIRM", "refsource": "FULLDISC",
"url" : "https://issues.apache.org/jira/browse/OFBIZ-178" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-12/0177.html"
}, },
{ {
"name" : "https://issues.apache.org/jira/browse/OFBIZ-260", "name": "21529",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://issues.apache.org/jira/browse/OFBIZ-260" "url": "http://www.securityfocus.com/bid/21529"
}, },
{ {
"name" : "21529", "name": "https://issues.apache.org/jira/browse/OFBIZ-260",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/21529" "url": "https://issues.apache.org/jira/browse/OFBIZ-260"
}, },
{ {
"name" : "1017360", "name": "https://issues.apache.org/jira/browse/OFBIZ-178",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://securitytracker.com/id?1017360" "url": "https://issues.apache.org/jira/browse/OFBIZ-178"
} }
] ]
} }

92
2006/6xxx/CVE-2006-6678.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6678", "ID": "CVE-2006-6678",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename." "value": "The edit_textarea function in form-file.c in Netrik 1.15.4 and earlier does not properly verify temporary filenames when editing textarea fields, which allows attackers to execute arbitrary commands via shell metacharacters in the filename."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://netrik.cvs.sourceforge.net/netrik/netrik/form-file.c?r1=1.3&r2=1.4", "name": "DSA-1251",
"refsource" : "MISC", "refsource": "DEBIAN",
"url" : "http://netrik.cvs.sourceforge.net/netrik/netrik/form-file.c?r1=1.3&r2=1.4" "url": "http://www.debian.org/security/2007/dsa-1251"
}, },
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=472131&group_id=23183", "name": "22158",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=472131&group_id=23183" "url": "http://www.securityfocus.com/bid/22158"
}, },
{ {
"name" : "DSA-1251", "name": "ADV-2006-5092",
"refsource" : "DEBIAN", "refsource": "VUPEN",
"url" : "http://www.debian.org/security/2007/dsa-1251" "url": "http://www.vupen.com/english/advisories/2006/5092"
}, },
{ {
"name" : "22158", "name": "http://netrik.cvs.sourceforge.net/netrik/netrik/form-file.c?r1=1.3&r2=1.4",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/22158" "url": "http://netrik.cvs.sourceforge.net/netrik/netrik/form-file.c?r1=1.3&r2=1.4"
}, },
{ {
"name" : "ADV-2006-5092", "name": "http://sourceforge.net/project/shownotes.php?release_id=472131&group_id=23183",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2006/5092" "url": "http://sourceforge.net/project/shownotes.php?release_id=472131&group_id=23183"
}, },
{ {
"name" : "23822", "name": "23822",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/23822" "url": "http://secunia.com/advisories/23822"
} }
] ]
} }

80
2006/7xxx/CVE-2006-7015.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7015", "ID": "CVE-2006-7015",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in admin.jobline.php in Jobline 1.1.1 allows remote attackers to execute arbitrary code via a URL in the mosConfig_absolute_path parameter. NOTE: CVE disputes this issue because the script is protected against direct requests." "value": "** DISPUTED ** PHP remote file inclusion vulnerability in admin.jobline.php in Jobline 1.1.1 allows remote attackers to execute arbitrary code via a URL in the mosConfig_absolute_path parameter. NOTE: CVE disputes this issue because the script is protected against direct requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060613 Jobline 1 1 1 Version - Remote File Include Vulnerability", "name": "jobline-mosconfig-file-include(27125)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/436990/30/4440/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27125"
}, },
{ {
"name" : "20070214 false: old Jobline RFI", "name": "2254",
"refsource" : "VIM", "refsource": "SREASON",
"url" : "http://www.attrition.org/pipermail/vim/2007-February/001325.html" "url": "http://securityreason.com/securityalert/2254"
}, },
{ {
"name" : "2254", "name": "20060613 Jobline 1 1 1 Version - Remote File Include Vulnerability",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/2254" "url": "http://www.securityfocus.com/archive/1/436990/30/4440/threaded"
}, },
{ {
"name" : "jobline-mosconfig-file-include(27125)", "name": "20070214 false: old Jobline RFI",
"refsource" : "XF", "refsource": "VIM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27125" "url": "http://www.attrition.org/pipermail/vim/2007-February/001325.html"
} }
] ]
} }

22
2011/0xxx/CVE-2011-0236.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0236", "ID": "CVE-2011-0236",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2011/0xxx/CVE-2011-0796.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-0796", "ID": "CVE-2011-0796",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors." "value": "Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows local users to affect confidentiality via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html"
} }
] ]
} }

68
2011/0xxx/CVE-2011-0876.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-0876", "ID": "CVE-2011-0876",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors related to Security." "value": "Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect integrity via unknown vectors related to Security."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "name": "TA11-201A",
"refsource" : "CONFIRM", "refsource": "CERT",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
}, },
{ {
"name" : "TA11-201A", "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
"refsource" : "CERT", "refsource": "CONFIRM",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
} }
] ]
} }

86
2011/2xxx/CVE-2011-2122.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-2122", "ID": "CVE-2011-2122",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119." "value": "Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110614 [BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution", "name": "20110614 [BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/518439/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/518439/100/0/threaded"
}, },
{ {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-17.html", "name": "73029",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-17.html" "url": "http://osvdb.org/73029"
}, },
{ {
"name" : "TA11-166A", "name": "http://www.adobe.com/support/security/bulletins/apsb11-17.html",
"refsource" : "CERT", "refsource": "CONFIRM",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-166A.html" "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
}, },
{ {
"name" : "48297", "name": "TA11-166A",
"refsource" : "BID", "refsource": "CERT",
"url" : "http://www.securityfocus.com/bid/48297" "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
}, },
{ {
"name" : "73029", "name": "48297",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/73029" "url": "http://www.securityfocus.com/bid/48297"
} }
] ]
} }

62
2011/2xxx/CVE-2011-2171.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2171", "ID": "CVE-2011-2171",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors." "value": "Unspecified vulnerability in the dbugs package in Google Chrome OS before R12 0.12.433.38 Beta has unknown impact and attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://googlechromereleases.blogspot.com/2011/05/chrome-os-beta-channel-update_16.html", "name": "http://googlechromereleases.blogspot.com/2011/05/chrome-os-beta-channel-update_16.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2011/05/chrome-os-beta-channel-update_16.html" "url": "http://googlechromereleases.blogspot.com/2011/05/chrome-os-beta-channel-update_16.html"
} }
] ]
} }

22
2011/2xxx/CVE-2011-2539.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2539", "ID": "CVE-2011-2539",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2011/2xxx/CVE-2011-2959.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2959", "ID": "CVE-2011-2959",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in the Open Database Connectivity (ODBC) service (Odbcixv9se.exe) in 7-Technologies Interactive Graphical SCADA System (IGSS) 9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to TCP port 22202." "value": "Stack-based buffer overflow in the Open Database Connectivity (ODBC) service (Odbcixv9se.exe) in 7-Technologies Interactive Graphical SCADA System (IGSS) 9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet to TCP port 22202."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.insomniasec.com/advisories/ISVA-110427.1.htm", "name": "44345",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.insomniasec.com/advisories/ISVA-110427.1.htm" "url": "http://secunia.com/advisories/44345"
}, },
{ {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-119-01.pdf", "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-119-01.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-119-01.pdf" "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-119-01.pdf"
}, },
{ {
"name" : "72117", "name": "72117",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/72117" "url": "http://www.osvdb.org/72117"
}, },
{ {
"name" : "44345", "name": "http://www.insomniasec.com/advisories/ISVA-110427.1.htm",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/44345" "url": "http://www.insomniasec.com/advisories/ISVA-110427.1.htm"
} }
] ]
} }

22
2011/3xxx/CVE-2011-3333.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3333", "ID": "CVE-2011-3333",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2011/3xxx/CVE-2011-3428.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-3428", "ID": "CVE-2011-3428",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code." "value": "Buffer overflow in QuickTime before 7.7.1 for Windows allows remote attackers to execute arbitrary code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/en-us/HT5016", "name": "https://support.apple.com/en-us/HT5016",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/en-us/HT5016" "url": "https://support.apple.com/en-us/HT5016"
} }
] ]
} }

158
2011/3xxx/CVE-2011-3551.json
View File

@ -1,141 +1,141 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-3551", "ID": "CVE-2011-3551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D." "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", "name": "GLSA-201406-32",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html" "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
}, },
{ {
"name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", "name": "HPSBMU02799",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
}, },
{ {
"name" : "GLSA-201406-32", "name": "48308",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "url": "http://secunia.com/advisories/48308"
}, },
{ {
"name" : "HPSBUX02730", "name": "HPSBUX02730",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"
}, },
{ {
"name" : "SSRT100710", "name": "SUSE-SU-2012:0114",
"refsource" : "HP", "refsource": "SUSE",
"url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
}, },
{ {
"name" : "HPSBMU02797", "name": "RHSA-2013:1455",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
}, },
{ {
"name" : "SSRT100867", "name": "SSRT100710",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"
}, },
{ {
"name" : "HPSBMU02799", "name": "RHSA-2011:1384",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
}, },
{ {
"name" : "RHSA-2011:1384", "name": "50224",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1384.html" "url": "http://www.securityfocus.com/bid/50224"
}, },
{ {
"name" : "RHSA-2013:1455", "name": "oval:org.mitre.oval:def:14318",
"refsource" : "REDHAT", "refsource": "OVAL",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318"
}, },
{ {
"name" : "SUSE-SU-2012:0114", "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html" "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
}, },
{ {
"name" : "USN-1263-1", "name": "SSRT100867",
"refsource" : "UBUNTU", "refsource": "HP",
"url" : "http://www.ubuntu.com/usn/USN-1263-1" "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
}, },
{ {
"name" : "50224", "name": "oracle-jre-2d-unspecified(70842)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/50224" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70842"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14318", "name": "1026215",
"refsource" : "OVAL", "refsource": "SECTRACK",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14318" "url": "http://www.securitytracker.com/id?1026215"
}, },
{ {
"name" : "1026215", "name": "USN-1263-1",
"refsource" : "SECTRACK", "refsource": "UBUNTU",
"url" : "http://www.securitytracker.com/id?1026215" "url": "http://www.ubuntu.com/usn/USN-1263-1"
}, },
{ {
"name" : "48308", "name": "HPSBMU02797",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/48308" "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
}, },
{ {
"name" : "oracle-jre-2d-unspecified(70842)", "name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70842" "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
} }
] ]
} }

22
2011/3xxx/CVE-2011-3624.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3624", "ID": "CVE-2011-3624",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2011/4xxx/CVE-2011-4237.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2011-4237", "ID": "CVE-2011-4237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter, aka Bug ID CSCtu18693." "value": "CRLF injection vulnerability in autologin.jsp in Cisco CiscoWorks Common Services 4.0, as used in Cisco Prime LAN Management Solution and other products, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the URL parameter, aka Bug ID CSCtu18693."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.nessus.org/plugins/index.php?view=single&id=58950", "name": "49094",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.nessus.org/plugins/index.php?view=single&id=58950" "url": "http://secunia.com/advisories/49094"
}, },
{ {
"name" : "http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/release/notes/lms42rel.html", "name": "http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/release/notes/lms42rel.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/release/notes/lms42rel.html" "url": "http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_lan_management_solution/4.2/release/notes/lms42rel.html"
}, },
{ {
"name" : "49094", "name": "http://www.nessus.org/plugins/index.php?view=single&id=58950",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/49094" "url": "http://www.nessus.org/plugins/index.php?view=single&id=58950"
} }
] ]
} }

104
2011/4xxx/CVE-2011-4354.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4354", "ID": "CVE-2011-4354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts." "value": "crypto/bn/bn_nist.c in OpenSSL before 0.9.8h on 32-bit platforms, as used in stunnel and other products, in certain circumstances involving ECDH or ECDHE cipher suites, uses an incorrect modular reduction algorithm in its implementation of the P-256 and P-384 NIST elliptic curves, which allows remote attackers to obtain the private key of a TLS server via multiple handshake attempts."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20111201 CVE-2011-4354 OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keys", "name": "http://crypto.di.uminho.pt/CACE/CT-RSA2012-openssl-src.zip",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://openwall.com/lists/oss-security/2011/12/01/6" "url": "http://crypto.di.uminho.pt/CACE/CT-RSA2012-openssl-src.zip"
}, },
{ {
"name" : "http://crypto.di.uminho.pt/CACE/CT-RSA2012-openssl-src.zip", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=757909",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://crypto.di.uminho.pt/CACE/CT-RSA2012-openssl-src.zip" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=757909"
}, },
{ {
"name" : "http://eprint.iacr.org/2011/633", "name": "[oss-security] 20111201 CVE-2011-4354 OpenSSL 0.9.8g (32-bit builds) bug leaks ECC private keys",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://eprint.iacr.org/2011/633" "url": "http://openwall.com/lists/oss-security/2011/12/01/6"
}, },
{ {
"name" : "http://cvs.openssl.org/filediff?f=openssl/crypto/bn/bn_nist.c&v1=1.14&v2=1.21", "name": "http://eprint.iacr.org/2011/633",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://cvs.openssl.org/filediff?f=openssl/crypto/bn/bn_nist.c&v1=1.14&v2=1.21" "url": "http://eprint.iacr.org/2011/633"
}, },
{ {
"name" : "http://marc.info/?t=119271238800004", "name": "http://rt.openssl.org/Ticket/Display.html?id=1593&user=guest&pass=guest",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://marc.info/?t=119271238800004" "url": "http://rt.openssl.org/Ticket/Display.html?id=1593&user=guest&pass=guest"
}, },
{ {
"name" : "http://rt.openssl.org/Ticket/Display.html?id=1593&user=guest&pass=guest", "name": "http://cvs.openssl.org/filediff?f=openssl/crypto/bn/bn_nist.c&v1=1.14&v2=1.21",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://rt.openssl.org/Ticket/Display.html?id=1593&user=guest&pass=guest" "url": "http://cvs.openssl.org/filediff?f=openssl/crypto/bn/bn_nist.c&v1=1.14&v2=1.21"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=757909", "name": "DSA-2390",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=757909" "url": "http://www.debian.org/security/2012/dsa-2390"
}, },
{ {
"name" : "DSA-2390", "name": "http://marc.info/?t=119271238800004",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2012/dsa-2390" "url": "http://marc.info/?t=119271238800004"
} }
] ]
} }

116
2011/4xxx/CVE-2011-4608.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4608", "ID": "CVE-2011-4608",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from an external vhost that does not enforce security constraints." "value": "mod_cluster in JBoss Enterprise Application Platform 5.1.2 for Red Hat Linux allows worker nodes to register with arbitrary virtual hosts, which allows remote attackers to bypass intended access restrictions and provide malicious content, hijack sessions, and steal credentials by registering from an external vhost that does not enforce security constraints."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=767020", "name": "RHSA-2012:0039",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=767020" "url": "http://www.redhat.com/support/errata/RHSA-2012-0039.html"
}, },
{ {
"name" : "RHSA-2012:0035", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=767020",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0035.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=767020"
}, },
{ {
"name" : "RHSA-2012:0036", "name": "RHSA-2012:0035",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0036.html" "url": "http://www.redhat.com/support/errata/RHSA-2012-0035.html"
}, },
{ {
"name" : "RHSA-2012:0037", "name": "51554",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0037.html" "url": "http://www.securityfocus.com/bid/51554"
}, },
{ {
"name" : "RHSA-2012:0038", "name": "jboss-modcluster-security-bypass(72460)",
"refsource" : "REDHAT", "refsource": "XF",
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0038.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72460"
}, },
{ {
"name" : "RHSA-2012:0039", "name": "RHSA-2012:0040",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0039.html" "url": "http://www.redhat.com/support/errata/RHSA-2012-0040.html"
}, },
{ {
"name" : "RHSA-2012:0040", "name": "RHSA-2012:0037",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0040.html" "url": "http://www.redhat.com/support/errata/RHSA-2012-0037.html"
}, },
{ {
"name" : "51554", "name": "RHSA-2012:0036",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/51554" "url": "http://www.redhat.com/support/errata/RHSA-2012-0036.html"
}, },
{ {
"name" : "1026545", "name": "1026545",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026545" "url": "http://www.securitytracker.com/id?1026545"
}, },
{ {
"name" : "jboss-modcluster-security-bypass(72460)", "name": "RHSA-2012:0038",
"refsource" : "XF", "refsource": "REDHAT",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72460" "url": "http://www.redhat.com/support/errata/RHSA-2012-0038.html"
} }
] ]
} }

86
2011/4xxx/CVE-2011-4621.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4621", "ID": "CVE-2011-4621",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop." "value": "The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes code in a loop."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20111221 Re: CVE Request -- kernel: tight loop and no preemption can cause system stall", "name": "https://github.com/torvalds/linux/commit/f26f9aff6aaf67e9a430d16c266f91b13a5bff64",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2011/12/21/6" "url": "https://github.com/torvalds/linux/commit/f26f9aff6aaf67e9a430d16c266f91b13a5bff64"
}, },
{ {
"name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37", "name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37" "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f26f9aff6aaf67e9a430d16c266f91b13a5bff64", "name": "[oss-security] 20111221 Re: CVE Request -- kernel: tight loop and no preemption can cause system stall",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f26f9aff6aaf67e9a430d16c266f91b13a5bff64" "url": "http://www.openwall.com/lists/oss-security/2011/12/21/6"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=769711", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=769711",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=769711" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769711"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/f26f9aff6aaf67e9a430d16c266f91b13a5bff64", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f26f9aff6aaf67e9a430d16c266f91b13a5bff64",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/f26f9aff6aaf67e9a430d16c266f91b13a5bff64" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f26f9aff6aaf67e9a430d16c266f91b13a5bff64"
} }
] ]
} }

22
2011/4xxx/CVE-2011-4663.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4663", "ID": "CVE-2011-4663",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

98
2013/1xxx/CVE-2013-1041.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-1041", "ID": "CVE-2013-1041",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2." "value": "WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-09-18-2."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5934", "name": "APPLE-SA-2013-10-22-8",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5934" "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT6001", "name": "1029054",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://support.apple.com/kb/HT6001" "url": "http://www.securitytracker.com/id/1029054"
}, },
{ {
"name" : "APPLE-SA-2013-09-18-2", "name": "http://support.apple.com/kb/HT6001",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" "url": "http://support.apple.com/kb/HT6001"
}, },
{ {
"name" : "APPLE-SA-2013-10-22-2", "name": "APPLE-SA-2013-10-22-2",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html" "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2013-10-22-8", "name": "54886",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00009.html" "url": "http://secunia.com/advisories/54886"
}, },
{ {
"name" : "1029054", "name": "http://support.apple.com/kb/HT5934",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1029054" "url": "http://support.apple.com/kb/HT5934"
}, },
{ {
"name" : "54886", "name": "APPLE-SA-2013-09-18-2",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/54886" "url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
} }
] ]
} }

22
2013/1xxx/CVE-2013-1238.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1238", "ID": "CVE-2013-1238",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2013/1xxx/CVE-2013-1413.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1413", "ID": "CVE-2013-1413",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Multiple cross-site scripting (XSS) vulnerabilities in synetics i-doit open 0.9.9-7, i-doit pro 1.0 and earlier, and i-doit pro 1.0.2 when the 'sanitize user input' flag is not enabled, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130301 CVE-2013-1413", "name": "http://www.csnc.ch/en/modules/news/news_0076.html_533560828.html",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2013/Mar/0" "url": "http://www.csnc.ch/en/modules/news/news_0076.html_533560828.html"
}, },
{ {
"name" : "http://www.csnc.ch/en/modules/news/news_0076.html_533560828.html", "name": "52415",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.csnc.ch/en/modules/news/news_0076.html_533560828.html" "url": "http://secunia.com/advisories/52415"
}, },
{ {
"name" : "52415", "name": "20130301 CVE-2013-1413",
"refsource" : "SECUNIA", "refsource": "FULLDISC",
"url" : "http://secunia.com/advisories/52415" "url": "http://seclists.org/fulldisclosure/2013/Mar/0"
}, },
{ {
"name" : "56834", "name": "56834",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/56834" "url": "http://secunia.com/advisories/56834"
} }
] ]
} }

98
2013/1xxx/CVE-2013-1640.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1640", "ID": "CVE-2013-1640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request." "value": "The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog request."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://puppetlabs.com/security/cve/cve-2013-1640/", "name": "SUSE-SU-2013:0618",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://puppetlabs.com/security/cve/cve-2013-1640/" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html"
}, },
{ {
"name" : "DSA-2643", "name": "RHSA-2013:0710",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2013/dsa-2643" "url": "http://rhn.redhat.com/errata/RHSA-2013-0710.html"
}, },
{ {
"name" : "RHSA-2013:0710", "name": "DSA-2643",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0710.html" "url": "http://www.debian.org/security/2013/dsa-2643"
}, },
{ {
"name" : "SUSE-SU-2013:0618", "name": "52596",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00004.html" "url": "http://secunia.com/advisories/52596"
}, },
{ {
"name" : "openSUSE-SU-2013:0641", "name": "USN-1759-1",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html" "url": "http://ubuntu.com/usn/usn-1759-1"
}, },
{ {
"name" : "USN-1759-1", "name": "openSUSE-SU-2013:0641",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://ubuntu.com/usn/usn-1759-1" "url": "http://lists.opensuse.org/opensuse-updates/2013-04/msg00056.html"
}, },
{ {
"name" : "52596", "name": "https://puppetlabs.com/security/cve/cve-2013-1640/",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/52596" "url": "https://puppetlabs.com/security/cve/cve-2013-1640/"
} }
] ]
} }

104
2013/1xxx/CVE-2013-1918.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1918", "ID": "CVE-2013-1918",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to \"deep page table traversal.\"" "value": "Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to \"deep page table traversal.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20130502 Xen Security Advisory 45 (CVE-2013-1918) - Several long latency operations are not preemptible", "name": "55082",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://www.openwall.com/lists/oss-security/2013/05/02/8" "url": "http://secunia.com/advisories/55082"
}, },
{ {
"name" : "DSA-2666", "name": "FEDORA-2013-7432",
"refsource" : "DEBIAN", "refsource": "FEDORA",
"url" : "http://www.debian.org/security/2013/dsa-2666" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html"
}, },
{ {
"name" : "FEDORA-2013-7432", "name": "GLSA-201309-24",
"refsource" : "FEDORA", "refsource": "GENTOO",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html" "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
}, },
{ {
"name" : "GLSA-201309-24", "name": "53187",
"refsource" : "GENTOO", "refsource": "SECUNIA",
"url" : "http://security.gentoo.org/glsa/glsa-201309-24.xml" "url": "http://secunia.com/advisories/53187"
}, },
{ {
"name" : "SUSE-SU-2014:0446", "name": "DSA-2666",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html" "url": "http://www.debian.org/security/2013/dsa-2666"
}, },
{ {
"name" : "59615", "name": "SUSE-SU-2014:0446",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/59615" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
}, },
{ {
"name" : "53187", "name": "[oss-security] 20130502 Xen Security Advisory 45 (CVE-2013-1918) - Several long latency operations are not preemptible",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/53187" "url": "http://www.openwall.com/lists/oss-security/2013/05/02/8"
}, },
{ {
"name" : "55082", "name": "59615",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/55082" "url": "http://www.securityfocus.com/bid/59615"
} }
] ]
} }

62
2013/5xxx/CVE-2013-5000.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5000", "ID": "CVE-2013-5000",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files." "value": "phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php", "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php" "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php"
} }
] ]
} }

170
2013/5xxx/CVE-2013-5851.json
View File

@ -1,151 +1,151 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5851", "ID": "CVE-2013-5851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP." "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "name": "GLSA-201406-32",
"refsource" : "CONFIRM", "refsource": "GENTOO",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", "name": "RHSA-2013:1447",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201" "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
}, },
{ {
"name" : "GLSA-201406-32", "name": "RHSA-2013:1440",
"refsource" : "GENTOO", "refsource": "REDHAT",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
}, },
{ {
"name" : "RHSA-2013:1440", "name": "98558",
"refsource" : "REDHAT", "refsource": "OSVDB",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1440.html" "url": "http://osvdb.org/98558"
}, },
{ {
"name" : "RHSA-2013:1447", "name": "USN-2033-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1447.html" "url": "http://www.ubuntu.com/usn/USN-2033-1"
}, },
{ {
"name" : "RHSA-2013:1451", "name": "oval:org.mitre.oval:def:19061",
"refsource" : "REDHAT", "refsource": "OVAL",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1451.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19061"
}, },
{ {
"name" : "RHSA-2013:1507", "name": "USN-2089-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1507.html" "url": "http://www.ubuntu.com/usn/USN-2089-1"
}, },
{ {
"name" : "RHSA-2013:1508", "name": "RHSA-2013:1508",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1508.html" "url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
}, },
{ {
"name" : "RHSA-2013:1793", "name": "SUSE-SU-2013:1677",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1793.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
}, },
{ {
"name" : "SUSE-SU-2013:1666", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
}, },
{ {
"name" : "SUSE-SU-2013:1677", "name": "openSUSE-SU-2013:1663",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html" "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
}, },
{ {
"name" : "openSUSE-SU-2013:1663", "name": "SUSE-SU-2013:1666",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
}, },
{ {
"name" : "USN-2033-1", "name": "RHSA-2013:1793",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/USN-2033-1" "url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
}, },
{ {
"name" : "USN-2089-1", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-2089-1" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}, },
{ {
"name" : "63142", "name": "RHSA-2013:1507",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/63142" "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
}, },
{ {
"name" : "98558", "name": "oracle-cpuoct2013-cve20135851(87997)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/98558" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87997"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19061", "name": "56338",
"refsource" : "OVAL", "refsource": "SECUNIA",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19061" "url": "http://secunia.com/advisories/56338"
}, },
{ {
"name" : "56338", "name": "RHSA-2013:1451",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/56338" "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
}, },
{ {
"name" : "oracle-cpuoct2013-cve20135851(87997)", "name": "63142",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87997" "url": "http://www.securityfocus.com/bid/63142"
} }
] ]
} }

176
2013/5xxx/CVE-2013-5898.json
View File

@ -1,156 +1,156 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5898", "ID": "CVE-2013-5898",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403." "value": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "name": "RHSA-2014:0414",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "url": "https://access.redhat.com/errata/RHSA-2014:0414"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", "name": "SSRT101455",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" "url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
}, },
{ {
"name" : "HPSBUX02972", "name": "RHSA-2014:0135",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2014-0135.html"
}, },
{ {
"name" : "HPSBUX02973", "name": "56535",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2" "url": "http://secunia.com/advisories/56535"
}, },
{ {
"name" : "SSRT101454", "name": "102027",
"refsource" : "HP", "refsource": "OSVDB",
"url" : "http://marc.info/?l=bugtraq&m=139402697611681&w=2" "url": "http://osvdb.org/102027"
}, },
{ {
"name" : "SSRT101455", "name": "RHSA-2014:0030",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=139402749111889&w=2" "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html"
}, },
{ {
"name" : "RHSA-2014:0030", "name": "56485",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0030.html" "url": "http://secunia.com/advisories/56485"
}, },
{ {
"name" : "RHSA-2014:0134", "name": "SSRT101454",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0134.html" "url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
}, },
{ {
"name" : "RHSA-2014:0135", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0135.html" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777"
}, },
{ {
"name" : "RHSA-2014:0414", "name": "HPSBUX02972",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "url": "http://marc.info/?l=bugtraq&m=139402697611681&w=2"
}, },
{ {
"name" : "SUSE-SU-2014:0246", "name": "SUSE-SU-2014:0451",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html"
}, },
{ {
"name" : "SUSE-SU-2014:0266", "name": "HPSBUX02973",
"refsource" : "SUSE", "refsource": "HP",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html" "url": "http://marc.info/?l=bugtraq&m=139402749111889&w=2"
}, },
{ {
"name" : "SUSE-SU-2014:0451", "name": "1029608",
"refsource" : "SUSE", "refsource": "SECTRACK",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html" "url": "http://www.securitytracker.com/id/1029608"
}, },
{ {
"name" : "64758", "name": "64912",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/64758" "url": "http://www.securityfocus.com/bid/64912"
}, },
{ {
"name" : "64912", "name": "oracle-cpujan2014-cve20135898(90356)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/64912" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90356"
}, },
{ {
"name" : "102027", "name": "SUSE-SU-2014:0266",
"refsource" : "OSVDB", "refsource": "SUSE",
"url" : "http://osvdb.org/102027" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html"
}, },
{ {
"name" : "1029608", "name": "64758",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1029608" "url": "http://www.securityfocus.com/bid/64758"
}, },
{ {
"name" : "56485", "name": "SUSE-SU-2014:0246",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/56485" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html"
}, },
{ {
"name" : "56535", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/56535" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
}, },
{ {
"name" : "oracle-cpujan2014-cve20135898(90356)", "name": "RHSA-2014:0134",
"refsource" : "XF", "refsource": "REDHAT",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90356" "url": "http://rhn.redhat.com/errata/RHSA-2014-0134.html"
} }
] ]
} }

68
2014/2xxx/CVE-2014-2360.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-2360", "ID": "CVE-2014-2360",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage." "value": "OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01", "name": "68797",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01" "url": "http://www.securityfocus.com/bid/68797"
}, },
{ {
"name" : "68797", "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/68797" "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01"
} }
] ]
} }

116
2014/2xxx/CVE-2014-2428.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-2428", "ID": "CVE-2014-2428",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment." "value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "name": "RHSA-2014:0414",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" "url": "https://access.redhat.com/errata/RHSA-2014:0414"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", "name": "HPSBUX03091",
"refsource" : "CONFIRM", "refsource": "HP",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
}, },
{ {
"name" : "GLSA-201502-12", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
}, },
{ {
"name" : "HPSBUX03091", "name": "RHSA-2014:0413",
"refsource" : "HP", "refsource": "REDHAT",
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" "url": "https://access.redhat.com/errata/RHSA-2014:0413"
}, },
{ {
"name" : "HPSBUX03092", "name": "SSRT101667",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
}, },
{ {
"name" : "SSRT101667", "name": "HPSBUX03092",
"refsource" : "HP", "refsource": "HP",
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
}, },
{ {
"name" : "SSRT101668", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource" : "HP", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
}, },
{ {
"name" : "RHSA-2014:0413", "name": "SSRT101668",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "https://access.redhat.com/errata/RHSA-2014:0413" "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
}, },
{ {
"name" : "RHSA-2014:0414", "name": "66870",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "url": "http://www.securityfocus.com/bid/66870"
}, },
{ {
"name" : "66870", "name": "GLSA-201502-12",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/66870" "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
} }
] ]
} }

122
2014/2xxx/CVE-2014-2523.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2523", "ID": "CVE-2014-2523",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function." "value": "net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140317 Re: CVE Request: netfilter: remote memory corruption in nf_conntrack_proto_dccp.c", "name": "http://twitter.com/grsecurity/statuses/445496197399461888",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2014/03/17/7" "url": "http://twitter.com/grsecurity/statuses/445496197399461888"
}, },
{ {
"name" : "http://twitter.com/grsecurity/statuses/445496197399461888", "name": "USN-2173-1",
"refsource" : "MISC", "refsource": "UBUNTU",
"url" : "http://twitter.com/grsecurity/statuses/445496197399461888" "url": "http://www.ubuntu.com/usn/USN-2173-1"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92", "name": "66279",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92" "url": "http://www.securityfocus.com/bid/66279"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1077343", "name": "USN-2174-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1077343" "url": "http://www.ubuntu.com/usn/USN-2174-1"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92", "name": "57446",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92" "url": "http://secunia.com/advisories/57446"
}, },
{ {
"name" : "USN-2173-1", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1077343",
"refsource" : "UBUNTU", "refsource": "CONFIRM",
"url" : "http://www.ubuntu.com/usn/USN-2173-1" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077343"
}, },
{ {
"name" : "USN-2174-1", "name": "1029945",
"refsource" : "UBUNTU", "refsource": "SECTRACK",
"url" : "http://www.ubuntu.com/usn/USN-2174-1" "url": "http://www.securitytracker.com/id/1029945"
}, },
{ {
"name" : "66279", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/66279" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b22f5126a24b3b2f15448c3f2a254fc10cbc2b92"
}, },
{ {
"name" : "1029945", "name": "linux-kernel-cve20142523-code-exec(91910)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id/1029945" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91910"
}, },
{ {
"name" : "57446", "name": "https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/57446" "url": "https://github.com/torvalds/linux/commit/b22f5126a24b3b2f15448c3f2a254fc10cbc2b92"
}, },
{ {
"name" : "linux-kernel-cve20142523-code-exec(91910)", "name": "[oss-security] 20140317 Re: CVE Request: netfilter: remote memory corruption in nf_conntrack_proto_dccp.c",
"refsource" : "XF", "refsource": "MLIST",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91910" "url": "http://www.openwall.com/lists/oss-security/2014/03/17/7"
} }
] ]
} }

62
2014/2xxx/CVE-2014-2592.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2592", "ID": "CVE-2014-2592",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension." "value": "Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2592/", "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2592/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2592/" "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2592/"
} }
] ]
} }

74
2014/2xxx/CVE-2014-2732.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2732", "ID": "CVE-2014-2732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port (1) 4999 or (2) 80." "value": "Multiple directory traversal vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to access arbitrary files via HTTP traffic to port (1) 4999 or (2) 80."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-01", "name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-01" "url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf"
}, },
{ {
"name" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf", "name": "66965",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-364879.pdf" "url": "http://www.securityfocus.com/bid/66965"
}, },
{ {
"name" : "66965", "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-01",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/66965" "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-01"
} }
] ]
} }

74
2014/2xxx/CVE-2014-2752.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2752", "ID": "CVE-2014-2752",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors." "value": "SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.onapsis.com/get.php?resid=adv_onapsis-2014-003", "name": "http://www.onapsis.com/get.php?resid=adv_onapsis-2014-003",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.onapsis.com/get.php?resid=adv_onapsis-2014-003" "url": "http://www.onapsis.com/get.php?resid=adv_onapsis-2014-003"
}, },
{ {
"name" : "http://www.onapsis.com/research-advisories.php", "name": "57736",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.onapsis.com/research-advisories.php" "url": "http://secunia.com/advisories/57736"
}, },
{ {
"name" : "57736", "name": "http://www.onapsis.com/research-advisories.php",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/57736" "url": "http://www.onapsis.com/research-advisories.php"
} }
] ]
} }

22
2014/6xxx/CVE-2014-6448.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6448", "ID": "CVE-2014-6448",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2014/6xxx/CVE-2014-6781.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6781", "ID": "CVE-2014-6781",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Aloha Stadium - Hawaii (aka com.stadium.aloha) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The Aloha Stadium - Hawaii (aka com.stadium.aloha) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#582497",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#421193", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/421193" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}, },
{ {
"name" : "VU#582497", "name": "VU#421193",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "http://www.kb.cert.org/vuls/id/421193"
} }
] ]
} }

74
2014/6xxx/CVE-2014-6954.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6954", "ID": "CVE-2014-6954",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) application 4.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The Deer Hunting Calls + Guide (aka com.anawaz.deerhuntingcalls.free) application 4.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#289545",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/289545"
}, },
{ {
"name" : "VU#289545", "name": "VU#582497",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/289545" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#582497", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

74
2017/0xxx/CVE-2017-0039.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0039", "ID": "CVE-2017-0039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows DLL", "product_name": "Windows DLL",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows Vista SP2 and Server 2008 SP2" "version_value": "Windows Vista SP2 and Server 2008 SP2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka \"Library Loading Input Validation Remote Code Execution Vulnerability.\"" "value": "Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka \"Library Loading Input Validation Remote Code Execution Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0039", "name": "1038001",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0039" "url": "http://www.securitytracker.com/id/1038001"
}, },
{ {
"name" : "96024", "name": "96024",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/96024" "url": "http://www.securityfocus.com/bid/96024"
}, },
{ {
"name" : "1038001", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0039",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038001" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0039"
} }
] ]
} }

74
2017/0xxx/CVE-2017-0236.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0236", "ID": "CVE-2017-0236",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft Edge", "product_name": "Microsoft Edge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems." "version_value": "Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1511 for 32-bit Systems, Windows 10 Version 1511 for x64-based Systems, Windows 10 Version 1607 for 32-bit Systems, Windows 10 Version 1607 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238." "value": "A remote code execution vulnerability exists in Microsoft Edge in the way that the Chakra JavaScript engine renders when handling objects in memory, aka \"Scripting Engine Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0224, CVE-2017-0228, CVE-2017-0229, CVE-2017-0230, CVE-2017-0234, CVE-2017-0235, and CVE-2017-0238."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0236", "name": "1038431",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0236" "url": "http://www.securitytracker.com/id/1038431"
}, },
{ {
"name" : "98234", "name": "98234",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/98234" "url": "http://www.securityfocus.com/bid/98234"
}, },
{ {
"name" : "1038431", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0236",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038431" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0236"
} }
] ]
} }

92
2017/0xxx/CVE-2017-0547.json
View File

@ -1,94 +1,94 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0547", "ID": "CVE-2017-0547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-4.4.4" "version_value": "Android-4.4.4"
}, },
{ {
"version_value" : "Android-5.0.2" "version_value": "Android-5.0.2"
}, },
{ {
"version_value" : "Android-5.1.1" "version_value": "Android-5.1.1"
}, },
{ {
"version_value" : "Android-6.0" "version_value": "Android-6.0"
}, },
{ {
"version_value" : "Android-6.0.1" "version_value": "Android-6.0.1"
}, },
{ {
"version_value" : "Android-7.0" "version_value": "Android-7.0"
}, },
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33861560." "value": "An information disclosure vulnerability in libmedia in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33861560."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information disclosure" "value": "Information disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://android.googlesource.com/platform/frameworks/av/+/9667e3eff2d34c3797c3b529370de47b2c1f1bf6", "name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/9667e3eff2d34c3797c3b529370de47b2c1f1bf6" "url": "https://source.android.com/security/bulletin/2017-04-01"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2017-04-01", "name": "97338",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2017-04-01" "url": "http://www.securityfocus.com/bid/97338"
}, },
{ {
"name" : "97338", "name": "https://android.googlesource.com/platform/frameworks/av/+/9667e3eff2d34c3797c3b529370de47b2c1f1bf6",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/97338" "url": "https://android.googlesource.com/platform/frameworks/av/+/9667e3eff2d34c3797c3b529370de47b2c1f1bf6"
}, },
{ {
"name" : "1038201", "name": "1038201",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201" "url": "http://www.securitytracker.com/id/1038201"
} }
] ]
} }

70
2017/0xxx/CVE-2017-0624.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0624", "ID": "CVE-2017-0624",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
}, },
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34327795. References: QC-CR#2005832." "value": "An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34327795. References: QC-CR#2005832."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information disclosure" "value": "Information disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-05-01", "name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-05-01" "url": "https://source.android.com/security/bulletin/2017-05-01"
}, },
{ {
"name" : "98200", "name": "98200",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/98200" "url": "http://www.securityfocus.com/bid/98200"
} }
] ]
} }

22
2017/0xxx/CVE-2017-0939.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-0939", "ID": "CVE-2017-0939",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

24
2017/1000xxx/CVE-2017-1000468.json
View File

@ -1,19 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"DATE_ASSIGNED" : "2017-12-29", "data_version": "4.0",
"ID" : "CVE-2017-1000468", "CVE_data_meta": {
"REQUESTER" : "sajeeb.lohani@bulletproof.sh", "ID": "CVE-2017-1000468",
"STATE" : "REJECT" "ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }

104
2017/16xxx/CVE-2017-16651.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16651", "ID": "CVE-2017-16651",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests." "value": "Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20171128 [SECURITY] [DLA 1193-1] roundcube security update", "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.3",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00039.html" "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.3.3"
}, },
{ {
"name" : "https://github.com/roundcube/roundcubemail/issues/6026", "name": "https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/roundcube/roundcubemail/issues/6026" "url": "https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10"
}, },
{ {
"name" : "https://github.com/roundcube/roundcubemail/releases/tag/1.1.10", "name": "[debian-lts-announce] 20171128 [SECURITY] [DLA 1193-1] roundcube security update",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://github.com/roundcube/roundcubemail/releases/tag/1.1.10" "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00039.html"
}, },
{ {
"name" : "https://github.com/roundcube/roundcubemail/releases/tag/1.2.7", "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.1.10",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/roundcube/roundcubemail/releases/tag/1.2.7" "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.1.10"
}, },
{ {
"name" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.3", "name": "101793",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://github.com/roundcube/roundcubemail/releases/tag/1.3.3" "url": "http://www.securityfocus.com/bid/101793"
}, },
{ {
"name" : "https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10", "name": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.7",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10" "url": "https://github.com/roundcube/roundcubemail/releases/tag/1.2.7"
}, },
{ {
"name" : "DSA-4030", "name": "DSA-4030",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "https://www.debian.org/security/2017/dsa-4030" "url": "https://www.debian.org/security/2017/dsa-4030"
}, },
{ {
"name" : "101793", "name": "https://github.com/roundcube/roundcubemail/issues/6026",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/101793" "url": "https://github.com/roundcube/roundcubemail/issues/6026"
} }
] ]
} }

22
2017/18xxx/CVE-2017-18108.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-18108", "ID": "CVE-2017-18108",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/1xxx/CVE-2017-1112.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1112", "ID": "CVE-2017-1112",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

126
2017/1xxx/CVE-2017-1609.json
View File

@ -1,119 +1,119 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-10-31T00:00:00", "DATE_PUBLIC": "2018-10-31T00:00:00",
"ID" : "CVE-2017-1609", "ID": "CVE-2017-1609",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Quality Manager", "product_name": "Rational Quality Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
}, },
{ {
"version_value" : "6.0.4" "version_value": "6.0.4"
}, },
{ {
"version_value" : "6.0.5" "version_value": "6.0.5"
}, },
{ {
"version_value" : "6.0.6" "version_value": "6.0.6"
}, },
{ {
"version_value" : "5.01" "version_value": "5.01"
}, },
{ {
"version_value" : "5.02" "version_value": "5.02"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132929." "value": "IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132929."
} }
] ]
}, },
"impact" : { "impact": {
"cvssv3" : { "cvssv3": {
"BM" : { "BM": {
"A" : "N", "A": "N",
"AC" : "L", "AC": "L",
"AV" : "N", "AV": "N",
"C" : "L", "C": "L",
"I" : "L", "I": "L",
"PR" : "L", "PR": "L",
"S" : "C", "S": "C",
"SCORE" : "5.400", "SCORE": "5.400",
"UI" : "R" "UI": "R"
}, },
"TM" : { "TM": {
"E" : "H", "E": "H",
"RC" : "C", "RC": "C",
"RL" : "O" "RL": "O"
} }
} }
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-Site Scripting" "value": "Cross-Site Scripting"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10738137", "name": "http://www.ibm.com/support/docview.wss?uid=ibm10738137",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10738137" "url": "http://www.ibm.com/support/docview.wss?uid=ibm10738137"
}, },
{ {
"name" : "106384", "name": "ibm-rqm-cve20171609-xss(132929)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/106384" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132929"
}, },
{ {
"name" : "ibm-rqm-cve20171609-xss(132929)", "name": "106384",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/132929" "url": "http://www.securityfocus.com/bid/106384"
} }
] ]
} }

22
2017/4xxx/CVE-2017-4025.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4025", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4025",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4081.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4081", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4081",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4312.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4312", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4312",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }