admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:19:54 +00:00
parent 5574fcb5dc
commit f6366de030
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
49 changed files with 3201 additions and 3201 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
2006/5xxx/CVE-2006-5192.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5192", "ID": "CVE-2006-5192",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/footer.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPGREETZ_INCLUDE_DIR parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2476", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2476/" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in includes/footer.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPGREETZ_INCLUDE_DIR parameter."
{ }
"name" : "20352", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20352" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-3915", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3915" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpgreetz-footer-file-include(29346)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29346" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20352"
},
{
"name": "ADV-2006-3915",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3915"
},
{
"name": "phpgreetz-footer-file-include(29346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29346"
},
{
"name": "2476",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2476/"
}
]
}
}

190
2007/2xxx/CVE-2007-2235.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2235", "ID": "CVE-2007-2235",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070411 PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/465400/100/100/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php."
{ }
"name" : "20070411 PunBB <= 1.2.14 Remote Code Execution (Exploit)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/465338/100/100/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.acid-root.new.fr/advisories/13070411.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.acid-root.new.fr/advisories/13070411.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://dev.punbb.org/changeset/934", ]
"refsource" : "CONFIRM", }
"url" : "http://dev.punbb.org/changeset/934" ]
}, },
{ "references": {
"name" : "http://dev.punbb.org/changeset/938", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://dev.punbb.org/changeset/938" "name": "20070411 PunBB <= 1.2.14 Remote Code Execution (Exploit)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/465338/100/100/threaded"
"name" : "ADV-2007-1362", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1362" "name": "http://dev.punbb.org/changeset/938",
}, "refsource": "CONFIRM",
{ "url": "http://dev.punbb.org/changeset/938"
"name" : "24843", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24843" "name": "http://dev.punbb.org/changeset/934",
}, "refsource": "CONFIRM",
{ "url": "http://dev.punbb.org/changeset/934"
"name" : "2613", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2613" "name": "http://www.acid-root.new.fr/advisories/13070411.txt",
} "refsource": "MISC",
] "url": "http://www.acid-root.new.fr/advisories/13070411.txt"
} },
} {
"name": "24843",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24843"
},
{
"name": "2613",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2613"
},
{
"name": "ADV-2007-1362",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1362"
},
{
"name": "20070411 PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465400/100/100/threaded"
}
]
}
}

170
2007/2xxx/CVE-2007-2333.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2333", "ID": "CVE-2007-2333",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null" "lang": "eng",
}, "value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network."
{ }
"name" : "23562", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23562" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1464", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1464" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35055", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/35055" ]
}, },
{ "references": {
"name" : "1017943", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017943" "name": "1017943",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017943"
"name" : "24962", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24962" "name": "23562",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23562"
} },
} {
"name": "24962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24962"
},
{
"name": "35055",
"refsource": "OSVDB",
"url": "http://osvdb.org/35055"
},
{
"name": "ADV-2007-1464",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1464"
},
{
"name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null",
"refsource": "CONFIRM",
"url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null"
}
]
}
}

160
2007/2xxx/CVE-2007-2469.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2469", "ID": "CVE-2007-2469",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2007/05/filerun-vuln.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2007/05/filerun-vuln.html" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter."
{ }
"name" : "23752", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23752" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1627", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1627" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25075", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/25075" ]
}, },
{ "references": {
"name" : "filerun-index-sql-injection(34006)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34006" "name": "filerun-index-sql-injection(34006)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34006"
} },
} {
"name": "25075",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25075"
},
{
"name": "ADV-2007-1627",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1627"
},
{
"name": "http://pridels0.blogspot.com/2007/05/filerun-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2007/05/filerun-vuln.html"
},
{
"name": "23752",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23752"
}
]
}
}

180
2007/2xxx/CVE-2007-2505.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2505", "ID": "CVE-2007-2505",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attackers to execute arbitrary code via a long command line argument, as demonstrated by a long string in the subject field in a mailto URI. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070502 Vulnerability in InterVations' MailCopa", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/467372/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attackers to execute arbitrary code via a long command line argument, as demonstrated by a long string in the subject field in a mailto URI. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37", ]
"refsource" : "MISC", },
"url" : "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23767", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23767" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1652", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1652" ]
}, },
{ "references": {
"name" : "35546", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35546" "name": "23767",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23767"
"name" : "25125", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25125" "name": "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37",
}, "refsource": "MISC",
{ "url": "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37"
"name" : "mailcopa-commandline-bo(34052)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34052" "name": "ADV-2007-1652",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1652"
} },
} {
"name": "mailcopa-commandline-bo(34052)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34052"
},
{
"name": "25125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25125"
},
{
"name": "20070502 Vulnerability in InterVations' MailCopa",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467372/100/0/threaded"
},
{
"name": "35546",
"refsource": "OSVDB",
"url": "http://osvdb.org/35546"
}
]
}
}

170
2007/2xxx/CVE-2007-2530.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2530", "ID": "CVE-2007-2530",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowell Resource 4.5.2 allow remote attackers to execute arbitrary PHP code via a URL in the RESPATH parameter to (1) dosearch.php or (2) printfriendly.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3865", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3865" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowell Resource 4.5.2 allow remote attackers to execute arbitrary PHP code via a URL in the RESPATH parameter to (1) dosearch.php or (2) printfriendly.php."
{ }
"name" : "ADV-2007-1680", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/1680" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35823", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35823" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35824", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/35824" ]
}, },
{ "references": {
"name" : "25179", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25179" "name": "tropicalm-respath-file-include(34113)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34113"
"name" : "tropicalm-respath-file-include(34113)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34113" "name": "35824",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/35824"
} },
} {
"name": "25179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25179"
},
{
"name": "ADV-2007-1680",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1680"
},
{
"name": "3865",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3865"
},
{
"name": "35823",
"refsource": "OSVDB",
"url": "http://osvdb.org/35823"
}
]
}
}

160
2007/3xxx/CVE-2007-3291.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3291", "ID": "CVE-2007-3291",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4082", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4082" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php."
{ }
"name" : "24580", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24580" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37491", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37491" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25744", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/25744" ]
}, },
{ "references": {
"name" : "livecms-articlename-xss(35148)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35148" "name": "24580",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/24580"
} },
} {
"name": "livecms-articlename-xss(35148)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35148"
},
{
"name": "37491",
"refsource": "OSVDB",
"url": "http://osvdb.org/37491"
},
{
"name": "4082",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4082"
},
{
"name": "25744",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25744"
}
]
}
}

150
2007/3xxx/CVE-2007-3529.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3529", "ID": "CVE-2007-3529",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "videos.php in PHPDirector 0.21 and earlier allows remote attackers to obtain sensitive information via an empty value of the id[] parameter, which reveals the path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070702 PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/472661/100/0/threaded" "lang": "eng",
}, "value": "videos.php in PHPDirector 0.21 and earlier allows remote attackers to obtain sensitive information via an empty value of the id[] parameter, which reveals the path in an error message."
{ }
"name" : "4139", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/4139" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39717", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39717" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpdirector-videos-information-disclosure(35221)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35221" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20070702 PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472661/100/0/threaded"
},
{
"name": "phpdirector-videos-information-disclosure(35221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35221"
},
{
"name": "39717",
"refsource": "OSVDB",
"url": "http://osvdb.org/39717"
},
{
"name": "4139",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/4139"
}
]
}
}

210
2007/3xxx/CVE-2007-3701.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3701", "ID": "CVE-2007-3701",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070710 TippingPoint IPS Signature Evasion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/473311/100/0/threaded" "lang": "eng",
}, "value": "TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack."
{ }
"name" : "20070710 TippingPoint IPS Signature Evasion", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.3com.com/securityalert/alerts/3COM-07-003.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.3com.com/securityalert/alerts/3COM-07-003.html" ]
}, },
{ "references": {
"name" : "24855", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24855" "name": "24855",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24855"
"name" : "35970", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35970" "name": "26013",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26013"
"name" : "ADV-2007-2490", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2490" "name": "1018361",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018361"
"name" : "1018361", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018361" "name": "http://www.3com.com/securityalert/alerts/3COM-07-003.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.3com.com/securityalert/alerts/3COM-07-003.html"
"name" : "26013", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26013" "name": "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf",
}, "refsource": "MISC",
{ "url": "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf"
"name" : "tippingpoint-hex-security-byass(35336)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35336" "name": "20070710 TippingPoint IPS Signature Evasion",
} "refsource": "FULLDISC",
] "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.html"
} },
} {
"name": "ADV-2007-2490",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2490"
},
{
"name": "20070710 TippingPoint IPS Signature Evasion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473311/100/0/threaded"
},
{
"name": "tippingpoint-hex-security-byass(35336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35336"
},
{
"name": "35970",
"refsource": "OSVDB",
"url": "http://osvdb.org/35970"
}
]
}
}

160
2007/4xxx/CVE-2007-4972.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4972", "ID": "CVE-2007-4972",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey and (2) NtOpenKey Windows Native API functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070918 Plague in (security) software drivers & BSDOhook utility", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/479830/100/0/threaded" "lang": "eng",
}, "value": "RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey and (2) NtOpenKey Windows Native API functions."
{ }
"name" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", ]
"refsource" : "MISC", },
"url" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", "description": [
"refsource" : "MISC", {
"url" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25721", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25721" ]
}, },
{ "references": {
"name" : "45957", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45957" "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
} "refsource": "MISC",
] "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
} },
} {
"name": "45957",
"refsource": "OSVDB",
"url": "http://osvdb.org/45957"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "25721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25721"
},
{
"name": "20070918 Plague in (security) software drivers & BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
]
}
}

120
2007/6xxx/CVE-2007-6008.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6008", "ID": "CVE-2007-6008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "27304", "description_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27304" "lang": "eng",
} "value": "Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27304",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27304"
}
]
}
}

150
2007/6xxx/CVE-2007-6695.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6695", "ID": "CVE-2007-6695",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via the option parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via the option parameter."
{ }
"name" : "27459", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/27459" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "41199", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41199" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "drakecms-index-xss(39976)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39976" ]
} },
] "references": {
} "reference_data": [
} {
"name": "41199",
"refsource": "OSVDB",
"url": "http://osvdb.org/41199"
},
{
"name": "27459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27459"
},
{
"name": "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html",
"refsource": "MISC",
"url": "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html"
},
{
"name": "drakecms-index-xss(39976)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39976"
}
]
}
}

170
2010/0xxx/CVE-2010-0310.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0310", "ID": "CVE-2010-0310",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1" "lang": "eng",
}, "value": "Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates."
{ }
"name" : "275410", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275410-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37754", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/37754" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:8444", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8444" ]
}, },
{ "references": {
"name" : "1023448", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1023448" "name": "275410",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275410-1"
"name" : "38129", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38129" "name": "oval:org.mitre.oval:def:8444",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8444"
} },
} {
"name": "38129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38129"
},
{
"name": "1023448",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023448"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1"
},
{
"name": "37754",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37754"
}
]
}
}

150
2010/0xxx/CVE-2010-0863.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-0863", "ID": "CVE-2010-0863",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help."
{ }
"name" : "TA10-103B", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1023872", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1023872" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oipsr-rplanis-unspecified(57744)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57744" ]
} },
] "references": {
} "reference_data": [
} {
"name": "TA10-103B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
},
{
"name": "oipsr-rplanis-unspecified(57744)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57744"
},
{
"name": "1023872",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023872"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
}
]
}
}

150
2010/1xxx/CVE-2010-1953.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1953", "ID": "CVE-2010-1953",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "12288", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/12288" "lang": "eng",
}, "value": "Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php."
{ }
"name" : "39551", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/39551" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39530", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39530" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2010-0927", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2010/0927" ]
} },
] "references": {
} "reference_data": [
} {
"name": "39551",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39551"
},
{
"name": "12288",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/12288"
},
{
"name": "39530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39530"
},
{
"name": "ADV-2010-0927",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0927"
}
]
}
}

150
2010/5xxx/CVE-2010-5006.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5006", "ID": "CVE-2010-5006",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter."
{ }
"name" : "40625", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/40625" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "8505", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8505" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2010-1404", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2010/1404" ]
} },
] "references": {
} "reference_data": [
} {
"name": "40625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40625"
},
{
"name": "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt"
},
{
"name": "ADV-2010-1404",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1404"
},
{
"name": "8505",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8505"
}
]
}
}

34
2010/5xxx/CVE-2010-5117.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2010-5117", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2010-5117",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none."
} }
] ]
} }
} }

140
2014/0xxx/CVE-2014-0111.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0111", "ID": "CVE-2014-0111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, \"derived schema definition,\" \"user / role templates,\" and \"account links of resource mappings.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140415 [SECURITY] CVE-2014-0111 Apache Syncope", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/531841/100/0/threaded" "lang": "eng",
}, "value": "Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, \"derived schema definition,\" \"user / role templates,\" and \"account links of resource mappings.\""
{ }
"name" : "[www-announce] 20140415 [SECURITY] CVE-2014-0111 Apache Syncope", ]
"refsource" : "MLIST", },
"url" : "http://mail-archives.us.apache.org/mod_mbox/www-announce/201404.mbox/%3C534CE273.9020601@apache.org%3E" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://syncope.apache.org/security.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://syncope.apache.org/security.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "[www-announce] 20140415 [SECURITY] CVE-2014-0111 Apache Syncope",
"refsource": "MLIST",
"url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201404.mbox/%3C534CE273.9020601@apache.org%3E"
},
{
"name": "http://syncope.apache.org/security.html",
"refsource": "CONFIRM",
"url": "http://syncope.apache.org/security.html"
},
{
"name": "20140415 [SECURITY] CVE-2014-0111 Apache Syncope",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/531841/100/0/threaded"
}
]
}
}

150
2014/0xxx/CVE-2014-0342.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-0342", "ID": "CVE-2014-0342",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released" "lang": "eng",
}, "value": "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors."
{ }
"name" : "http://pivotx.net/page/security", ]
"refsource" : "CONFIRM", },
"url" : "http://pivotx.net/page/security" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sourceforge.net/p/pivot-weblog/code/4347/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/p/pivot-weblog/code/4347/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#901156", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/901156" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released",
"refsource": "CONFIRM",
"url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released"
},
{
"name": "http://sourceforge.net/p/pivot-weblog/code/4347/",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/pivot-weblog/code/4347/"
},
{
"name": "http://pivotx.net/page/security",
"refsource": "CONFIRM",
"url": "http://pivotx.net/page/security"
},
{
"name": "VU#901156",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/901156"
}
]
}
}

320
2014/0xxx/CVE-2014-0461.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-0461", "ID": "CVE-2014-0461",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.ibm.com/support/docview.wss?uid=swg21675973", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.ibm.com/support/docview.wss?uid=swg21675973" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", ]
"refsource" : "CONFIRM", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" ]
}, },
{ "references": {
"name" : "DSA-2912", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-2912" "name": "USN-2187-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2187-1"
"name" : "GLSA-201406-32", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "name": "RHSA-2014:0675",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
"name" : "GLSA-201502-12", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" "name": "https://www.ibm.com/support/docview.wss?uid=swg21675973",
}, "refsource": "CONFIRM",
{ "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
"name" : "HPSBUX03091", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" "name": "RHSA-2014:0414",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2014:0414"
"name" : "HPSBUX03092", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "SSRT101667", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" "name": "USN-2191-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2191-1"
"name" : "SSRT101668", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" "name": "HPSBUX03091",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
"name" : "RHSA-2014:0675", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0675.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
"name" : "RHSA-2014:0685", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0685.html" "name": "RHSA-2014:0413",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2014:0413"
"name" : "RHSA-2014:0413", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2014:0413" "name": "59058",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59058"
"name" : "RHSA-2014:0414", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "name": "SSRT101667",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
"name" : "USN-2191-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2191-1" "name": "HPSBUX03092",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
"name" : "USN-2187-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2187-1" "name": "RHSA-2014:0685",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html"
"name" : "66902", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/66902" "name": "58974",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/58974"
"name" : "58415", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/58415" "name": "DSA-2912",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2014/dsa-2912"
"name" : "58974", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/58974" "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
"name" : "59058", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59058" "name": "58415",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/58415"
} },
} {
"name": "SSRT101668",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"name": "66902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66902"
}
]
}
}

330
2014/0xxx/CVE-2014-0878.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-0878", "ID": "CVE-2014-0878",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672043", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672043" "lang": "eng",
}, "value": "The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21675343", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21675343" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21675588", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21675588" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673836", ]
"refsource" : "CONFIRM", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673836" ]
}, },
{ "references": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676703", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676703" "name": "59022",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59022"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674539", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674539" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679713", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679713" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681256", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681256" "name": "59058",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59058"
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21677387", },
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21677387" "name": "61264",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/61264"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686717", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686717" "name": "ibm-java-cve20140878-weak-sec(91084)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91084"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689593", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689593" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679610", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679610" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680750", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680750" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717"
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676672", },
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676672" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484"
"name" : "67601", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/67601" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836"
"name" : "59022", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59022" "name": "http://www.ibm.com/support/docview.wss?uid=swg21677387",
}, "refsource": "CONFIRM",
{ "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387"
"name" : "59058", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59058" "name": "59023",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59023"
"name" : "59023", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59023" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746"
"name" : "61264", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61264" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672043",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672043"
"name" : "ibm-java-cve20140878-weak-sec(91084)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91084" "name": "67601",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/67601"
} },
} {
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21675343",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675343"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21675588",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675588"
}
]
}
}

34
2014/1xxx/CVE-2014-1428.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1428", "ID": "CVE-2014-1428",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/5xxx/CVE-2014-5762.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5762", "ID": "CVE-2014-5762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#154729", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/154729" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#154729",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/154729"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

130
2015/2xxx/CVE-2015-2215.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2215", "ID": "CVE-2015-2215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/node/2437965", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2437965" "lang": "eng",
}, "value": "Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters."
{ }
"name" : "72803", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/72803" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.drupal.org/node/2437965",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2437965"
},
{
"name": "72803",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72803"
}
]
}
}

130
2015/2xxx/CVE-2015-2465.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2465", "ID": "CVE-2015-2465",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka \"Windows Shell Security Feature Bypass Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-080", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" "lang": "eng",
}, "value": "The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka \"Windows Shell Security Feature Bypass Vulnerability.\""
{ }
"name" : "1033238", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033238" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-080",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080"
},
{
"name": "1033238",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033238"
}
]
}
}

130
2015/2xxx/CVE-2015-2642.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-2642", "ID": "CVE-2015-2642",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip."
{ }
"name" : "1033881", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033881" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033881"
}
]
}
}

170
2015/2xxx/CVE-2015-2788.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2015-2788", "ID": "CVE-2015-2788",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150330 CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/03/30/4" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns."
{ }
"name" : "[oss-security] 20150330 Re: CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/03/30/10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes", ]
"refsource" : "CONFIRM", }
"url" : "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes" ]
}, },
{ "references": {
"name" : "DSA-3219", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3219" "name": "73409",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/73409"
"name" : "73409", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73409" "name": "DSA-3219",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2015/dsa-3219"
} },
} {
"name": "[oss-security] 20150330 Re: CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/30/10"
},
{
"name": "[oss-security] 20150330 CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/30/4"
},
{
"name": "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes",
"refsource": "CONFIRM",
"url": "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925"
}
]
}
}

132
2016/10xxx/CVE-2016-10403.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "chrome-cve-admin@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-10403", "ID": "CVE-2016-10403",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome", "product_name": "Chrome",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "51.0.2704.63" "version_value": "51.0.2704.63"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google" "vendor_name": "Google"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Insufficient data validation"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://crbug.com/602046", "description_data": [
"refsource" : "MISC", {
"url" : "https://crbug.com/602046" "lang": "eng",
}, "value": "Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file."
{ }
"name" : "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html", ]
"refsource" : "CONFIRM", },
"url" : "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Insufficient data validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html"
},
{
"name": "https://crbug.com/602046",
"refsource": "MISC",
"url": "https://crbug.com/602046"
}
]
}
}

34
2016/10xxx/CVE-2016-10488.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10488", "ID": "CVE-2016-10488",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

330
2016/3xxx/CVE-2016-3136.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2016-3136", "ID": "CVE-2016-3136",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "39541", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39541/" "lang": "eng",
}, "value": "The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors."
{ }
"name" : "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (mct_u232 driver)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/03/14/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283370", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283370" "name": "USN-2971-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2971-2"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1317007", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1317007" "name": "SUSE-SU-2016:1690",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
"name" : "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e" "name": "SUSE-SU-2016:1696",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html"
"name" : "DSA-3607", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3607" "name": "USN-2970-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2970-1"
"name" : "SUSE-SU-2016:1690", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e"
"name" : "SUSE-SU-2016:1696", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283370",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283370"
"name" : "SUSE-SU-2016:1764", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" "name": "USN-2968-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2968-1"
"name" : "openSUSE-SU-2016:1382", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html" "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (mct_u232 driver)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/03/14/2"
"name" : "USN-2996-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2996-1" "name": "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e"
"name" : "USN-2997-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2997-1" "name": "USN-2971-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2971-3"
"name" : "USN-3000-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3000-1" "name": "USN-2997-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2997-1"
"name" : "USN-2968-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2968-1" "name": "SUSE-SU-2016:1764",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
"name" : "USN-2968-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2968-2" "name": "USN-3000-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3000-1"
"name" : "USN-2970-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2970-1" "name": "DSA-3607",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3607"
"name" : "USN-2971-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2971-1" "name": "39541",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/39541/"
"name" : "USN-2971-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2971-2" "name": "USN-2971-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2971-1"
"name" : "USN-2971-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2971-3" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1317007",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317007"
"name" : "84299", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84299" "name": "USN-2996-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2996-1"
} },
} {
"name": "USN-2968-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2968-2"
},
{
"name": "openSUSE-SU-2016:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html"
},
{
"name": "84299",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84299"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1"
}
]
}
}

140
2016/4xxx/CVE-2016-4213.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4213", "ID": "CVE-2016-4213",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
{ }
"name" : "91716", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91716" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036281", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036281" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}
}

160
2016/4xxx/CVE-2016-4746.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4746", "ID": "CVE-2016-4746",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207143", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207143" "lang": "eng",
}, "value": "The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction."
{ }
"name" : "APPLE-SA-2016-09-13-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2016-09-20-3", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "92932", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/92932" ]
}, },
{ "references": {
"name" : "1036797", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036797" "name": "APPLE-SA-2016-09-20-3",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
} },
} {
"name": "1036797",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036797"
},
{
"name": "APPLE-SA-2016-09-13-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html"
},
{
"name": "92932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92932"
},
{
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
}
]
}
}

140
2016/4xxx/CVE-2016-4812.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4812", "ID": "CVE-2016-4812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#26026353", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN26026353/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000071", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000071" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVN#26026353",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN26026353/index.html"
},
{
"name": "JVNDB-2016-000071",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000071"
},
{
"name": "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/",
"refsource": "CONFIRM",
"url": "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/"
}
]
}
}

132
2016/8xxx/CVE-2016-8530.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC" : "2017-01-30T00:00:00", "DATE_PUBLIC": "2017-01-30T00:00:00",
"ID" : "CVE-2016-8530", "ID": "CVE-2016-8530",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "iMC PLAT", "product_name": "iMC PLAT",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "v7.2 E0403P06 and earlier" "version_value": "v7.2 E0403P06 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote denial of service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.tenable.com/security/research/tra-2017-09", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.tenable.com/security/research/tra-2017-09" "lang": "eng",
}, "value": "A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version."
{ }
"name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418", ]
"refsource" : "CONFIRM", },
"url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "remote denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2017-09",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2017-09"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418"
}
]
}
}

130
2016/8xxx/CVE-2016-8966.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-8966", "ID": "CVE-2016-8966",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "BigFix Inventory", "product_name": "BigFix Inventory",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.2" "version_value": "9.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21995023", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21995023" "lang": "eng",
}, "value": "IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques."
{ }
"name" : "95138", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95138" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995023",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995023"
},
{
"name": "95138",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95138"
}
]
}
}

166
2016/9xxx/CVE-2016-9482.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-9482", "ID": "CVE-2016-9482",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypass" "TITLE": "PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypass"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Generator", "product_name": "Generator",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_name" : "2016-12-06", "version_name": "2016-12-06",
"version_value" : "2016-12-06" "version_value": "2016-12-06"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "PHP FormMail" "vendor_name": "PHP FormMail"
} }
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "Thanks to Pouya Darabi for reporting this vulnerability."
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-302"
}
] ]
} }
] },
}, "credit": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "Thanks to Pouya Darabi for reporting this vulnerability."
"name" : "VU#494015", }
"refsource" : "CERT-VN", ],
"url" : "https://www.kb.cert.org/vuls/id/494015" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name" : "94778", "description": {
"refsource" : "BID", "description_data": [
"url" : "http://www.securityfocus.com/bid/94778" {
} "lang": "eng",
] "value": "Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel"
}, }
"solution" : [ ]
{ },
"lang" : "eng", "problemtype": {
"value" : "The PHP FormMail Generator website as of 2016-12-06 generates PHP code that addresses these issues. Affected users are encouraged to regenerate the PHP form code using the website, or manually apply patches." "problemtype_data": [
} {
], "description": [
"source" : { {
"discovery" : "UNKNOWN" "lang": "eng",
} "value": "CWE-302"
} }
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#494015",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/494015"
},
{
"name": "94778",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94778"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The PHP FormMail Generator website as of 2016-12-06 generates PHP code that addresses these issues. Affected users are encouraged to regenerate the PHP form code using the website, or manually apply patches."
}
],
"source": {
"discovery": "UNKNOWN"
}
}

140
2016/9xxx/CVE-2016-9847.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9847", "ID": "CVE-2016-9847",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.phpmyadmin.net/security/PMASA-2016-58", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.phpmyadmin.net/security/PMASA-2016-58" "lang": "eng",
}, "value": "An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected."
{ }
"name" : "GLSA-201701-32", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201701-32" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94524", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94524" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.phpmyadmin.net/security/PMASA-2016-58",
"refsource": "CONFIRM",
"url": "https://www.phpmyadmin.net/security/PMASA-2016-58"
},
{
"name": "94524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94524"
},
{
"name": "GLSA-201701-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-32"
}
]
}
}

140
2016/9xxx/CVE-2016-9862.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9862", "ID": "CVE-2016-9862",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.phpmyadmin.net/security/PMASA-2016-67", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.phpmyadmin.net/security/PMASA-2016-67" "lang": "eng",
}, "value": "An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected."
{ }
"name" : "GLSA-201701-32", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201701-32" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94528", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94528" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "94528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94528"
},
{
"name": "https://www.phpmyadmin.net/security/PMASA-2016-67",
"refsource": "CONFIRM",
"url": "https://www.phpmyadmin.net/security/PMASA-2016-67"
},
{
"name": "GLSA-201701-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-32"
}
]
}
}

34
2019/2xxx/CVE-2019-2054.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2054", "ID": "CVE-2019-2054",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2651.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2651", "ID": "CVE-2019-2651",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2822.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2822", "ID": "CVE-2019-2822",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6108.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6108", "ID": "CVE-2019-6108",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/6xxx/CVE-2019-6127.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6127", "ID": "CVE-2019-6127",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via \"INTO OUTFILE\" with a .php filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md" "lang": "eng",
} "value": "An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via \"INTO OUTFILE\" with a .php filename."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md",
"refsource": "MISC",
"url": "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md"
}
]
}
}

34
2019/6xxx/CVE-2019-6377.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6377", "ID": "CVE-2019-6377",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6534.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6534", "ID": "CVE-2019-6534",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6544.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6544", "ID": "CVE-2019-6544",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7492.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7492", "ID": "CVE-2019-7492",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7605.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7605", "ID": "CVE-2019-7605",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7749.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7749", "ID": "CVE-2019-7749",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }