admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:30:14 +00:00
parent 07a1c2a810
commit fa647f1506
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
48 changed files with 3779 additions and 3779 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2006/0xxx/CVE-2006-0379.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secteam@freebsd.org",
"ID" : "CVE-2006-0379", "ID": "CVE-2006-0379",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "FreeBSD-SA-06:06", "description_data": [
"refsource" : "FREEBSD", {
"url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc" "lang": "eng",
}, "value": "FreeBSD kernel 5.4-STABLE and 6.0 does not completely initialize a buffer before making it available to userland, which could allow local users to read portions of kernel memory."
{ }
"name" : "16373", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/16373" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22730", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22730" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1015541", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1015541" ]
}, },
{ "references": {
"name" : "18599", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18599" "name": "FreeBSD-SA-06:06",
}, "refsource": "FREEBSD",
{ "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:06.kmem.asc"
"name" : "bsd-buffer-initialization-disclosure(24338)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24338" "name": "18599",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/18599"
} },
} {
"name": "1015541",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015541"
},
{
"name": "22730",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22730"
},
{
"name": "bsd-buffer-initialization-disclosure(24338)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24338"
},
{
"name": "16373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16373"
}
]
}
}

270
2006/0xxx/CVE-2006-0476.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0476", "ID": "CVE-2006-0476",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060130 Winamp 5.12 - 0day exploit - code execution through playlist", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/423436/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field)."
{ }
"name" : "3422", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/3422" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.heise.de/newsticker/meldung/68981", "description": [
"refsource" : "MISC", {
"url" : "http://www.heise.de/newsticker/meldung/68981" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.winamp.com/player/version_history.php", ]
"refsource" : "MISC", }
"url" : "http://www.winamp.com/player/version_history.php" ]
}, },
{ "references": {
"name" : "20060131 Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist", "reference_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/423548/100/0/threaded" "name": "398",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/398"
"name" : "TA06-032A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-032A.html" "name": "winamp-playlist-filename-bo(24361)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24361"
"name" : "VU#604745", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/604745" "name": "386",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/386"
"name" : "16410", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/16410" "name": "1015552",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015552"
"name" : "ADV-2006-0361", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/0361" "name": "3422",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/3422"
"name" : "22789", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/22789" "name": "18649",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/18649"
"name" : "oval:org.mitre.oval:def:1402", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1402" "name": "http://www.heise.de/newsticker/meldung/68981",
}, "refsource": "MISC",
{ "url": "http://www.heise.de/newsticker/meldung/68981"
"name" : "1015552", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015552" "name": "ADV-2006-0361",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/0361"
"name" : "18649", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/18649" "name": "20060131 Re: Re: Winamp 5.12 - 0day exploit - code execution through playlist",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/423548/100/0/threaded"
"name" : "386", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/386" "name": "oval:org.mitre.oval:def:1402",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1402"
"name" : "398", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/398" "name": "http://www.winamp.com/player/version_history.php",
}, "refsource": "MISC",
{ "url": "http://www.winamp.com/player/version_history.php"
"name" : "winamp-playlist-filename-bo(24361)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24361" "name": "20060130 Winamp 5.12 - 0day exploit - code execution through playlist",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/423436/100/0/threaded"
} },
} {
"name": "16410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16410"
},
{
"name": "22789",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22789"
},
{
"name": "TA06-032A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-032A.html"
},
{
"name": "VU#604745",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/604745"
}
]
}
}

200
2006/0xxx/CVE-2006-0999.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-0999", "ID": "CVE-2006-0999",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm" "lang": "eng",
}, "value": "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17176", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17176" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "64758", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/64758" ]
}, },
{ "references": {
"name" : "ADV-2006-1043", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1043" "name": "ADV-2006-1043",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1043"
"name" : "24048", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24048" "name": "1015799",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1015799"
"name" : "1015799", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015799" "name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm"
"name" : "19324", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19324" "name": "netware-nile-forced-weak-encryption(25382)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382"
"name" : "netware-nile-forced-weak-encryption(25382)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25382" "name": "19324",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19324"
} },
} {
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "24048",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24048"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "17176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17176"
}
]
}
}

190
2006/1xxx/CVE-2006-1456.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1456", "ID": "CVE-2006-1456",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "APPLE-SA-2006-05-11", "description_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html" "lang": "eng",
}, "value": "Buffer overflow in QuickTime Streaming Server in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via a crafted RTSP request, which is not properly handled during message logging."
{ }
"name" : "TA06-132A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-132A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17951", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17951" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1779", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1779" ]
}, },
{ "references": {
"name" : "25600", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/25600" "name": "17951",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/17951"
"name" : "1016070", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016070" "name": "ADV-2006-1779",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1779"
"name" : "20077", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20077" "name": "TA06-132A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-132A.html"
"name" : "quicktime-rtsp-bo(26424)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26424" "name": "quicktime-rtsp-bo(26424)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26424"
} },
} {
"name": "25600",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25600"
},
{
"name": "APPLE-SA-2006-05-11",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"
},
{
"name": "1016070",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016070"
},
{
"name": "20077",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20077"
}
]
}
}

150
2006/1xxx/CVE-2006-1538.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1538", "ID": "CVE-2006-1538",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores the key in cleartext, which allows local users with physical access to obtain the key by reading and duplicating an EEPROM that is located on a hardware token, or by sniffing the Microwire bus."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060329 [HV-INFO] Enova hardware encryption: false sense of security", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/429253/100/0/threaded" "lang": "eng",
}, "value": "The Enova X-Wall ASIC encrypts with a key obtained via Microwire from a serial EEPROM that stores the key in cleartext, which allows local users with physical access to obtain the key by reading and duplicating an EEPROM that is located on a hardware token, or by sniffing the Microwire bus."
{ }
"name" : "http://www.hexview.com/docs/20060328-1.txt", ]
"refsource" : "MISC", },
"url" : "http://www.hexview.com/docs/20060328-1.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "648", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/648" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "enova-xwall-insecure-encryption-key(25527)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25527" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20060329 [HV-INFO] Enova hardware encryption: false sense of security",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/429253/100/0/threaded"
},
{
"name": "http://www.hexview.com/docs/20060328-1.txt",
"refsource": "MISC",
"url": "http://www.hexview.com/docs/20060328-1.txt"
},
{
"name": "648",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/648"
},
{
"name": "enova-xwall-insecure-encryption-key(25527)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25527"
}
]
}
}

190
2006/1xxx/CVE-2006-1691.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1691", "ID": "CVE-2006-1691",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the user_name parameter to unsubscribe.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060421 [eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-04/0447.html" "lang": "eng",
}, "value": "SQL injection vulnerability in MWNewsletter 1.0.0b allows remote attackers to execute arbitrary SQL commands via the user_name parameter to unsubscribe.php."
{ }
"name" : "http://evuln.com/vulns/123/summary.html", ]
"refsource" : "MISC", },
"url" : "http://evuln.com/vulns/123/summary.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17412", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17412" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-1270", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/1270" ]
}, },
{ "references": {
"name" : "24905", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24905" "name": "mwnewsletter-unsubscribe-sql-injection(25683)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25683"
"name" : "24445", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24445" "name": "19568",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19568"
"name" : "19568", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19568" "name": "ADV-2006-1270",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/1270"
"name" : "mwnewsletter-unsubscribe-sql-injection(25683)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25683" "name": "17412",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/17412"
} },
} {
"name": "24905",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24905"
},
{
"name": "20060421 [eVuln] MWNewsletter SQL Injection and XSS Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0447.html"
},
{
"name": "http://evuln.com/vulns/123/summary.html",
"refsource": "MISC",
"url": "http://evuln.com/vulns/123/summary.html"
},
{
"name": "24445",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24445"
}
]
}
}

160
2006/1xxx/CVE-2006-1710.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1710", "ID": "CVE-2006-1710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1653", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/1653" "lang": "eng",
}, "value": "SQL injection vulnerability in admin.php in Design Nation DNGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) email and (2) id parameters."
{ }
"name" : "17435", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17435" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-1299", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1299" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "19601", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/19601" ]
}, },
{ "references": {
"name" : "dnguestbook-admin-sql-injection(25699)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25699" "name": "19601",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/19601"
} },
} {
"name": "ADV-2006-1299",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1299"
},
{
"name": "1653",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1653"
},
{
"name": "17435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17435"
},
{
"name": "dnguestbook-admin-sql-injection(25699)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25699"
}
]
}
}

170
2006/1xxx/CVE-2006-1833.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1833", "ID": "CVE-2006-1833",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "NetBSD-SA2006-009", "description_data": [
"refsource" : "NETBSD", {
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc" "lang": "eng",
}, "value": "Intel RNG Driver in NetBSD 1.6 through 3.0 may incorrectly detect the presence of the pchb interface, which will cause it to always generate the same random number, which allows remote attackers to more easily crack encryption keys generated from the interface."
{ }
"name" : "17496", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17496" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24577", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/24577" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1015907", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1015907" ]
}, },
{ "references": {
"name" : "19585", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/19585" "name": "19585",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/19585"
"name" : "netbsd-intel-rng-security-bypass(25786)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786" "name": "NetBSD-SA2006-009",
} "refsource": "NETBSD",
] "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-009.txt.asc"
} },
} {
"name": "17496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17496"
},
{
"name": "1015907",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015907"
},
{
"name": "netbsd-intel-rng-security-bypass(25786)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25786"
},
{
"name": "24577",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24577"
}
]
}
}

590
2006/1xxx/CVE-2006-1861.json
View File

@ -1,297 +1,297 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2006-1861", "ID": "CVE-2006-1861",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060612 rPSA-2006-0100-1 freetype", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/436836/100/0/threaded" "lang": "eng",
}, "value": "Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_lwfn function and a crafted LWFN file in base/ftmac.c. NOTE: item 4 was originally identified by CVE-2006-2493."
{ }
"name" : "http://sourceforge.net/project/shownotes.php?release_id=416463", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/project/shownotes.php?release_id=416463" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606" "name": "SUSE-SA:2006:037",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html"
"name" : "https://issues.rpath.com/browse/RPL-429", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-429" "name": "20791",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20791"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm" "name": "27271",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27271"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=502565", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=502565" "name": "33937",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33937"
"name" : "http://support.apple.com/kb/HT3438", },
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3438" "name": "http://sourceforge.net/project/shownotes.php?release_id=416463",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?release_id=416463"
"name" : "APPLE-SA-2009-02-12", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html" "name": "102705",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1"
"name" : "DSA-1095", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1095" "name": "21000",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21000"
"name" : "FEDORA-2009-5558", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html" "name": "20525",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20525"
"name" : "FEDORA-2009-5644", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html" "name": "21701",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21701"
"name" : "GLSA-200607-02", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200607-02.xml" "name": "GLSA-200607-02",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200607-02.xml"
"name" : "GLSA-200710-09", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml" "name": "http://support.apple.com/kb/HT3438",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT3438"
"name" : "MDKSA-2006:099", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099" "name": "27162",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27162"
"name" : "RHSA-2006:0500", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0500.html" "name": "FEDORA-2009-5644",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01401.html"
"name" : "RHSA-2009:0329", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-0329.html" "name": "APPLE-SA-2009-02-12",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
"name" : "RHSA-2009:1062", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1062.html" "name": "USN-291-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/291-1/"
"name" : "20060701-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U" "name": "21385",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21385"
"name" : "102705", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102705-1" "name": "FEDORA-2009-5558",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01316.html"
"name" : "SUSE-SA:2006:037", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0012.html" "name": "RHSA-2009:1062",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2009-1062.html"
"name" : "SUSE-SR:2007:021", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html" "name": "20060612 rPSA-2006-0100-1 freetype",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/436836/100/0/threaded"
"name" : "USN-291-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/291-1/" "name": "18034",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18034"
"name" : "18034", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18034" "name": "21135",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21135"
"name" : "oval:org.mitre.oval:def:9124", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124" "name": "freetype-lwfn-overflow(26553)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553"
"name" : "35200", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35200" "name": "RHSA-2006:0500",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0500.html"
"name" : "35204", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35204" "name": "oval:org.mitre.oval:def:9124",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9124"
"name" : "35233", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35233" "name": "23939",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23939"
"name" : "ADV-2006-1868", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1868" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=502565",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502565"
"name" : "ADV-2007-0381", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0381" "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-176.htm"
"name" : "1016522", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016522" "name": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=128606"
"name" : "20100", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20100" "name": "20591",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20591"
"name" : "20525", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20525" "name": "SUSE-SR:2007:021",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html"
"name" : "20591", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20591" "name": "27167",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27167"
"name" : "20638", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20638" "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593"
"name" : "20791", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20791" "name": "20638",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20638"
"name" : "21000", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21000" "name": "20100",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20100"
"name" : "21062", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21062" "name": "1016522",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016522"
"name" : "21135", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21135" "name": "35233",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35233"
"name" : "21385", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21385" "name": "ADV-2007-0381",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0381"
"name" : "21701", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21701" "name": "https://issues.rpath.com/browse/RPL-429",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-429"
"name" : "23939", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23939" "name": "20060701-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U"
"name" : "27162", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27162" "name": "GLSA-200710-09",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-09.xml"
"name" : "27167", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27167" "name": "35200",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/35200"
"name" : "27271", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27271" "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190593#c8"
"name" : "33937", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33937" "name": "21062",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21062"
"name" : "freetype-lwfn-overflow(26553)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26553" "name": "RHSA-2009:0329",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2009-0329.html"
} },
} {
"name": "35204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35204"
},
{
"name": "MDKSA-2006:099",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:099"
},
{
"name": "DSA-1095",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1095"
},
{
"name": "ADV-2006-1868",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1868"
}
]
}
}

290
2006/4xxx/CVE-2006-4777.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-4777", "ID": "CVE-2006-4777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060913 [0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/445898/100/0/threaded" "lang": "eng",
}, "value": "Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446."
{ }
"name" : "20060915 Fwd: IE ActiveX 0day?", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/446065/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060915 RE: IE ActiveX 0day?", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/446084/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20060915 Re: Fwd: IE ActiveX 0day?", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/446085/100/0/threaded" ]
}, },
{ "references": {
"name" : "20060918 Re: IE ActiveX 0day?", "reference_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/446246/100/0/threaded" "name": "1016854",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016854"
"name" : "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20", },
"refsource" : "MISC", {
"url" : "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20" "name": "21910",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21910"
"name" : "http://www.microsoft.com/technet/security/advisory/925444.mspx", },
"refsource" : "CONFIRM", {
"url" : "http://www.microsoft.com/technet/security/advisory/925444.mspx" "name": "1577",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/1577"
"name" : "MS06-067", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067" "name": "TA06-318A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-318A.html"
"name" : "TA06-318A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-318A.html" "name": "http://www.microsoft.com/technet/security/advisory/925444.mspx",
}, "refsource": "CONFIRM",
{ "url": "http://www.microsoft.com/technet/security/advisory/925444.mspx"
"name" : "VU#377369", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/377369" "name": "ADV-2006-3593",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3593"
"name" : "20047", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20047" "name": "28842",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/28842"
"name" : "ADV-2006-3593", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3593" "name": "20060918 Re: IE ActiveX 0day?",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/446246/100/0/threaded"
"name" : "28842", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/28842" "name": "20060915 RE: IE ActiveX 0day?",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/446084/100/0/threaded"
"name" : "oval:org.mitre.oval:def:1103", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1103" "name": "VU#377369",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/377369"
"name" : "1016854", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016854" "name": "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20",
}, "refsource": "MISC",
{ "url": "http://www.xsec.org/index.php?module=releases&act=view&type=2&id=20"
"name" : "21910", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21910" "name": "ie-directanimation-code-execution(28942)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28942"
"name" : "1577", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1577" "name": "20047",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/20047"
"name" : "ie-directanimation-code-execution(28942)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28942" "name": "20060915 Fwd: IE ActiveX 0day?",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/446065/100/0/threaded"
} },
} {
"name": "oval:org.mitre.oval:def:1103",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1103"
},
{
"name": "MS06-067",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067"
},
{
"name": "20060913 [0day] daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445898/100/0/threaded"
},
{
"name": "20060915 Re: Fwd: IE ActiveX 0day?",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446085/100/0/threaded"
}
]
}
}

160
2006/5xxx/CVE-2006-5023.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5023", "ID": "CVE-2006-5023",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2416", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2416" "lang": "eng",
}, "value": "SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter."
{ }
"name" : "20145", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/20145" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-3762", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3762" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22052", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/22052" ]
}, },
{ "references": {
"name" : "xweblog-kategori-sql-injection(29103)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29103" "name": "ADV-2006-3762",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/3762"
} },
} {
"name": "xweblog-kategori-sql-injection(29103)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29103"
},
{
"name": "22052",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22052"
},
{
"name": "2416",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2416"
},
{
"name": "20145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20145"
}
]
}
}

170
2006/5xxx/CVE-2006-5773.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5773", "ID": "CVE-2006-5773",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2704", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2704" "lang": "eng",
}, "value": "Directory traversal vulnerability in index.php in FreeWebshop 2.2.1 and earlier allows remote attackers to read arbitrary files and disclose the installation path via a .. (dot dot) in the action parameter."
{ }
"name" : "http://www.freewebshop.org/index.php?id=27", ]
"refsource" : "CONFIRM", },
"url" : "http://www.freewebshop.org/index.php?id=27" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20888", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20888" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4332", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4332" ]
}, },
{ "references": {
"name" : "22664", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22664" "name": "ADV-2006-4332",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4332"
"name" : "freewebshop-index-directory-traversal(29991)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29991" "name": "http://www.freewebshop.org/index.php?id=27",
} "refsource": "CONFIRM",
] "url": "http://www.freewebshop.org/index.php?id=27"
} },
} {
"name": "2704",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2704"
},
{
"name": "freewebshop-index-directory-traversal(29991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29991"
},
{
"name": "20888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20888"
},
{
"name": "22664",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22664"
}
]
}
}

140
2010/0xxx/CVE-2010-0246.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-0246", "ID": "CVE-2010-0246",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS10-002", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002" "lang": "eng",
}, "value": "Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability,\" a different vulnerability than CVE-2009-3671, CVE-2009-3674, and CVE-2010-0245."
{ }
"name" : "oval:org.mitre.oval:def:8378", ]
"refsource" : "OVAL", },
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8378" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ie-deleted-object-code-exec(55776)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55776" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:8378",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8378"
},
{
"name": "ie-deleted-object-code-exec(55776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55776"
},
{
"name": "MS10-002",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-002"
}
]
}
}

130
2010/0xxx/CVE-2010-0350.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0350", "ID": "CVE-2010-0350",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/" "lang": "eng",
}, "value": "Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 has unknown impact and remote attack vectors."
{ }
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/", ]
"refsource" : "CONFIRM", },
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/goof_fotoboek/1.7.15/"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-021/"
}
]
}
}

240
2010/0xxx/CVE-2010-0414.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-0414", "ID": "CVE-2010-0414",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news" "lang": "eng",
}, "value": "gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor."
{ }
"name" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950", ]
"refsource" : "CONFIRM", },
"url" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=609337", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=609337" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=562217", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=562217" "name": "38468",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38468"
"name" : "FEDORA-2010-1556", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html" "name": "62219",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/62219"
"name" : "MDVSA-2010:040", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:040" "name": "38149",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/38149"
"name" : "USN-898-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-898-1" "name": "USN-898-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-898-1"
"name" : "38149", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/38149" "name": "38532",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38532"
"name" : "62219", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/62219" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=562217",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=562217"
"name" : "38468", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38468" "name": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950",
}, "refsource": "CONFIRM",
{ "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=a5f66339be6719c2b8fc478a1d5fc6545297d950"
"name" : "38534", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38534" "name": "38534",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/38534"
"name" : "38532", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38532" "name": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f",
} "refsource": "CONFIRM",
] "url": "http://git.gnome.org/browse/gnome-screensaver/commit/?id=dcca89b7ab6e1220815af38da246434b2e13fd9f"
} },
} {
"name": "MDVSA-2010:040",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:040"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=609337",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=609337"
},
{
"name": "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news",
"refsource": "CONFIRM",
"url": "http://ftp.gnome.org/pub/GNOME/sources/gnome-screensaver/2.28/gnome-screensaver-2.28.2.news"
},
{
"name": "FEDORA-2010-1556",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034904.html"
}
]
}
}

190
2010/0xxx/CVE-2010-0562.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0562", "ID": "CVE-2010-0562",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt" "lang": "eng",
}, "value": "The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping."
{ }
"name" : "http://www.fetchmail.info/fetchmail-SA-2010-01.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://www.fetchmail.info/fetchmail-SA-2010-01.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDVSA-2010:037", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:037" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38088", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/38088" ]
}, },
{ "references": {
"name" : "62114", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/62114" "name": "MDVSA-2010:037",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:037"
"name" : "1023543", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1023543" "name": "http://www.fetchmail.info/fetchmail-SA-2010-01.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.fetchmail.info/fetchmail-SA-2010-01.txt"
"name" : "38391", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/38391" "name": "38088",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/38088"
"name" : "ADV-2010-0296", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/0296" "name": "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt",
} "refsource": "CONFIRM",
] "url": "http://mknod.org/svn/fetchmail/branches/BRANCH_6-3/fetchmail-SA-2010-01.txt"
} },
} {
"name": "1023543",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023543"
},
{
"name": "38391",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38391"
},
{
"name": "62114",
"refsource": "OSVDB",
"url": "http://osvdb.org/62114"
},
{
"name": "ADV-2010-0296",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0296"
}
]
}
}

160
2010/0xxx/CVE-2010-0660.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0660", "ID": "CVE-2010-0660",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=29920", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=29920" "lang": "eng",
}, "value": "Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certain circumstances involving https to http redirection, which allows remote HTTP servers to obtain potentially sensitive information via standard HTTP logging."
{ }
"name" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:14247", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247" ]
}, },
{ "references": {
"name" : "1023506", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1023506" "name": "oval:org.mitre.oval:def:14247",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14247"
} },
} {
"name": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/01/stable-channel-update_25.html"
},
{
"name": "1023506",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023506"
},
{
"name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
"refsource": "CONFIRM",
"url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=29920",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=29920"
}
]
}
}

190
2010/2xxx/CVE-2010-2599.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2599", "ID": "CVE-2010-2599",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (browser hang) via a crafted web page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110121 [TEHTRI-Security] CVE-2010-2599: Update your BlackBerry", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/515860/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (browser hang) via a crafted web page."
{ }
"name" : "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html", ]
"refsource" : "MISC", },
"url" : "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.blackberry.com/btsc/KB24841", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.blackberry.com/btsc/KB24841" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "45754", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/45754" ]
}, },
{ "references": {
"name" : "70404", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/70404" "name": "http://www.blackberry.com/btsc/KB24841",
}, "refsource": "CONFIRM",
{ "url": "http://www.blackberry.com/btsc/KB24841"
"name" : "1024952", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1024952" "name": "1024952",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1024952"
"name" : "ADV-2011-0082", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0082" "name": "45754",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/45754"
"name" : "blackberry-desktop-dos(64622)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64622" "name": "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html",
} "refsource": "MISC",
] "url": "http://blog.tehtri-security.com/2011/01/blackhat-dc-2011-inglourious-hackerds.html"
} },
} {
"name": "70404",
"refsource": "OSVDB",
"url": "http://osvdb.org/70404"
},
{
"name": "20110121 [TEHTRI-Security] CVE-2010-2599: Update your BlackBerry",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515860/100/0/threaded"
},
{
"name": "ADV-2011-0082",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0082"
},
{
"name": "blackberry-desktop-dos(64622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64622"
}
]
}
}

34
2010/2xxx/CVE-2010-2783.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-2783", "ID": "CVE-2010-2783",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2010/3xxx/CVE-2010-3030.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3030", "ID": "CVE-2010-3030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40876", "description_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40876" "lang": "eng",
} "value": "Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40876",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40876"
}
]
}
}

130
2010/3xxx/CVE-2010-3518.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-3518", "ID": "CVE-2010-3518",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan component in Oracle PeopleSoft and JDEdwards Suite 8.81 SP1 Bundle #13, 8.9 GP Update 2010-E, 9.0 GP Update 2010-E, and 9.1 GP Update 2010-E allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan component in Oracle PeopleSoft and JDEdwards Suite 8.81 SP1 Bundle #13, 8.9 GP Update 2010-E, 9.0 GP Update 2010-E, and 9.1 GP Update 2010-E allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
{ }
"name" : "TA10-287A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "TA10-287A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
}
]
}
}

130
2010/3xxx/CVE-2010-3581.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-3581", "ID": "CVE-2010-3581",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0 allows remote authenticated users to affect integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0 allows remote authenticated users to affect integrity via unknown vectors."
{ }
"name" : "TA10-287A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-287A.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html"
},
{
"name": "TA10-287A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-287A.html"
}
]
}
}

34
2010/3xxx/CVE-2010-3668.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-3668", "ID": "CVE-2010-3668",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2010/4xxx/CVE-2010-4589.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4589", "ID": "CVE-2010-4589",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary web script or HTML via vectors related to the emxFramework.FilterParameterPattern property."
{ }
"name" : "HE02563", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1HE02563" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45391", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45391" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "42668", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/42668" ]
}, },
{ "references": {
"name" : "ADV-2010-3211", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/3211" "name": "HE02563",
} "refsource": "AIXAPAR",
] "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1HE02563"
} },
} {
"name": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1HE02563"
},
{
"name": "ADV-2010-3211",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3211"
},
{
"name": "45391",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45391"
},
{
"name": "42668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42668"
}
]
}
}

180
2010/4xxx/CVE-2010-4836.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4836", "ID": "CVE-2010-4836",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20101106 Vulnerabilities in PHPShop", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/514672/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remote attackers to inject arbitrary web script or HTML via the name_new parameter."
{ }
"name" : "http://websecurity.com.ua/4512/", ]
"refsource" : "MISC", },
"url" : "http://websecurity.com.ua/4512/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "44763", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/44763" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "69101", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/69101" ]
}, },
{ "references": {
"name" : "42132", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42132" "name": "8381",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/8381"
"name" : "8381", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8381" "name": "phpshop-register-xss(63157)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63157"
"name" : "phpshop-register-xss(63157)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63157" "name": "42132",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/42132"
} },
} {
"name": "http://websecurity.com.ua/4512/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/4512/"
},
{
"name": "44763",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44763"
},
{
"name": "20101106 Vulnerabilities in PHPShop",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/514672/100/0/threaded"
},
{
"name": "69101",
"refsource": "OSVDB",
"url": "http://osvdb.org/69101"
}
]
}
}

170
2010/4xxx/CVE-2010-4847.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4847", "ID": "CVE-2010-4847",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15756", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/15756" "lang": "eng",
}, "value": "SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers to execute arbitrary SQL commands via the ItemID parameter."
{ }
"name" : "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45474", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45474" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "42675", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/42675" ]
}, },
{ "references": {
"name" : "8397", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8397" "name": "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.org/files/view/96774/mhpdownloadshop-sql.txt"
"name" : "mhpdownloadshop-viewitem-sql-injection(64193)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64193" "name": "mhpdownloadshop-viewitem-sql-injection(64193)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64193"
} },
} {
"name": "15756",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15756"
},
{
"name": "45474",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45474"
},
{
"name": "42675",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42675"
},
{
"name": "8397",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8397"
}
]
}
}

34
2014/3xxx/CVE-2014-3447.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-3447", "ID": "CVE-2014-3447",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2014/3xxx/CVE-2014-3925.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-3925", "ID": "CVE-2014-3925",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140529 CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2014/05/29/6" "lang": "eng",
}, "value": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
{ }
"name" : "[oss-security] 20140530 Re: CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2014/05/30/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102633", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1102633" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-2845-1", ]
"refsource" : "UBUNTU", }
"url" : "http://www.ubuntu.com/usn/USN-2845-1" ]
} },
] "references": {
} "reference_data": [
} {
"name": "[oss-security] 20140529 CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/29/6"
},
{
"name": "USN-2845-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2845-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633"
},
{
"name": "[oss-security] 20140530 Re: CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/30/3"
}
]
}
}

170
2014/4xxx/CVE-2014-4157.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2014-4157", "ID": "CVE-2014-4157",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140616 Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2014/06/16/1" "lang": "eng",
}, "value": "arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audit subsystem."
{ }
"name" : "[oss-security] 20140617 Re: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/06/17/17" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8" ]
}, },
{ "references": {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417" "name": "[oss-security] 20140617 Re: (Linux kernel) Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/06/17/17"
"name" : "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8",
} "refsource": "CONFIRM",
] "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8"
} },
} {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=137f7df8cead00688524c82360930845396b8a21"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751417"
},
{
"name": "[oss-security] 20140616 Re: Bug#751417: linux-image-3.2.0-4-5kc-malta: no SIGKILL after prctl(PR_SET_SECCOMP, 1, ...) on MIPS",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/06/16/1"
},
{
"name": "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/137f7df8cead00688524c82360930845396b8a21"
}
]
}
}

34
2014/4xxx/CVE-2014-4327.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4327", "ID": "CVE-2014-4327",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

240
2014/4xxx/CVE-2014-4455.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-4455", "ID": "CVE-2014-4455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/en-us/HT6590", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/en-us/HT6590" "lang": "eng",
}, "value": "dyld in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly handle overlapping segments in Mach-O executable files, which allows local users to bypass intended code-signing restrictions via a crafted file."
{ }
"name" : "https://support.apple.com/en-us/HT6592", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/en-us/HT6592" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/HT204245", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/HT204245" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.apple.com/HT204246", ]
"refsource" : "CONFIRM", }
"url" : "http://support.apple.com/HT204246" ]
}, },
{ "references": {
"name" : "https://support.apple.com/en-us/HT204418", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/en-us/HT204418" "name": "APPLE-SA-2014-11-17-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html"
"name" : "https://support.apple.com/en-us/HT204420", },
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/en-us/HT204420" "name": "http://support.apple.com/HT204245",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204245"
"name" : "APPLE-SA-2014-11-17-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2014/Nov/msg00000.html" "name": "APPLE-SA-2014-11-17-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html"
"name" : "APPLE-SA-2014-11-17-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2014/Nov/msg00002.html" "name": "http://support.apple.com/HT204246",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/HT204246"
"name" : "APPLE-SA-2015-01-27-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html" "name": "https://support.apple.com/en-us/HT6590",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/en-us/HT6590"
"name" : "APPLE-SA-2015-01-27-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html" "name": "1031231",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1031231"
"name" : "71140", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71140" "name": "APPLE-SA-2015-01-27-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
"name" : "1031231", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031231" "name": "appletv-cve20144455-code-exec(98773)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98773"
"name" : "appletv-cve20144455-code-exec(98773)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98773" "name": "APPLE-SA-2015-01-27-1",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
} },
} {
"name": "71140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71140"
},
{
"name": "https://support.apple.com/en-us/HT204420",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT204420"
},
{
"name": "https://support.apple.com/en-us/HT204418",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT204418"
},
{
"name": "https://support.apple.com/en-us/HT6592",
"refsource": "CONFIRM",
"url": "https://support.apple.com/en-us/HT6592"
}
]
}
}

130
2014/4xxx/CVE-2014-4857.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-4857", "ID": "CVE-2014-4857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://forum.gurock.com/topic/1652/testrail-313-released/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://forum.gurock.com/topic/1652/testrail-313-released/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Gurock TestRail before 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the Created By field in a project activity."
{ }
"name" : "VU#669804", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/669804" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#669804",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/669804"
},
{
"name": "http://forum.gurock.com/topic/1652/testrail-313-released/",
"refsource": "CONFIRM",
"url": "http://forum.gurock.com/topic/1652/testrail-313-released/"
}
]
}
}

34
2014/8xxx/CVE-2014-8226.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-8226", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-8226",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

34
2014/8xxx/CVE-2014-8808.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-8808", "ID": "CVE-2014-8808",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2014/9xxx/CVE-2014-9757.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9757", "ID": "CVE-2014-9757",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160122 January 2016 - Bamboo - Critical Security Advisory", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537347/100/0/threaded" "lang": "eng",
}, "value": "The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message."
{ }
"name" : "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://jira.atlassian.com/browse/BAM-17099", ]
"refsource" : "CONFIRM", }
"url" : "https://jira.atlassian.com/browse/BAM-17099" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20160122 January 2016 - Bamboo - Critical Security Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537347/100/0/threaded"
},
{
"name": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html",
"refsource": "CONFIRM",
"url": "https://confluence.atlassian.com/bamboo/bamboo-security-advisory-2016-01-20-794376535.html"
},
{
"name": "https://jira.atlassian.com/browse/BAM-17099",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/BAM-17099"
},
{
"name": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135352/Bamboo-Deserialization-Missing-Authentication-Checks.html"
}
]
}
}

34
2016/2xxx/CVE-2016-2356.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2356", "ID": "CVE-2016-2356",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

240
2016/2xxx/CVE-2016-2805.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-2805", "ID": "CVE-2016-2805",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the browser engine in Mozilla Firefox ESR 38.x before 38.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3559", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3559" ]
}, },
{ "references": {
"name" : "DSA-3576", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3576" "name": "DSA-3576",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3576"
"name" : "GLSA-201701-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-15" "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-39.html"
"name" : "RHSA-2016:1041", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1041.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name" : "RHSA-2016:0695", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0695.html" "name": "RHSA-2016:0695",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0695.html"
"name" : "SUSE-SU-2016:1258", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html" "name": "1035692",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035692"
"name" : "SUSE-SU-2016:1352", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html" "name": "SUSE-SU-2016:1374",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html"
"name" : "SUSE-SU-2016:1374", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00057.html" "name": "SUSE-SU-2016:1352",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00054.html"
"name" : "USN-2973-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2973-1" "name": "USN-2973-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2973-1"
"name" : "1035692", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035692" "name": "GLSA-201701-15",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201701-15"
} },
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1241731"
},
{
"name": "DSA-3559",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3559"
},
{
"name": "SUSE-SU-2016:1258",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00023.html"
},
{
"name": "RHSA-2016:1041",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1041.html"
}
]
}
}

160
2016/2xxx/CVE-2016-2849.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-2849", "ID": "CVE-2016-2849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[botan-devel] 20160428 Botan 1.10.13 released", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=botan-devel&m=146185420505943&w=2" "lang": "eng",
}, "value": "Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack."
{ }
"name" : "http://botan.randombit.net/security.html", ]
"refsource" : "CONFIRM", },
"url" : "http://botan.randombit.net/security.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3565", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3565" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2016-a545f81683", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html" ]
}, },
{ "references": {
"name" : "GLSA-201701-23", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-23" "name": "FEDORA-2016-a545f81683",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183669.html"
} },
} {
"name": "DSA-3565",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3565"
},
{
"name": "[botan-devel] 20160428 Botan 1.10.13 released",
"refsource": "MLIST",
"url": "http://marc.info/?l=botan-devel&m=146185420505943&w=2"
},
{
"name": "GLSA-201701-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-23"
},
{
"name": "http://botan.randombit.net/security.html",
"refsource": "CONFIRM",
"url": "http://botan.randombit.net/security.html"
}
]
}
}

340
2016/3xxx/CVE-2016-3422.json
View File

@ -1,172 +1,172 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3422", "ID": "CVE-2016-3422",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect availability via vectors related to 2D."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20160420-0001/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20160420-0001/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201606-18", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-18" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2016:0701", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0701.html" ]
}, },
{ "references": {
"name" : "RHSA-2016:0702", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0702.html" "name": "RHSA-2016:0677",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0677.html"
"name" : "RHSA-2016:0708", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0708.html" "name": "SUSE-SU-2016:1299",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
"name" : "RHSA-2016:0716", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0716.html" "name": "86488",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/86488"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "RHSA-2016:1039",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
"name" : "RHSA-2016:1039", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1039.html" "name": "RHSA-2016:0701",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
"name" : "RHSA-2016:0677", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0677.html" "name": "SUSE-SU-2016:1303",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
"name" : "RHSA-2016:0678", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0678.html" "name": "SUSE-SU-2016:1475",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
"name" : "RHSA-2016:0679", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0679.html" "name": "SUSE-SU-2016:1300",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
"name" : "RHSA-2017:1216", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1216" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "SUSE-SU-2016:1299", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" "name": "https://security.netapp.com/advisory/ntap-20160420-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20160420-0001/"
"name" : "SUSE-SU-2016:1300", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" "name": "RHSA-2016:0708",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
"name" : "SUSE-SU-2016:1303", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" "name": "SUSE-SU-2016:1378",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
"name" : "SUSE-SU-2016:1378", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" "name": "SUSE-SU-2016:1379",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
"name" : "SUSE-SU-2016:1379", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" "name": "SUSE-SU-2016:1458",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
"name" : "SUSE-SU-2016:1388", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" "name": "GLSA-201606-18",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201606-18"
"name" : "SUSE-SU-2016:1458", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" "name": "RHSA-2016:0716",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
"name" : "SUSE-SU-2016:1475", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" "name": "1035596",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035596"
"name" : "86488", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/86488" "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
"name" : "1035596", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035596" "name": "SUSE-SU-2016:1388",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
} },
} {
"name": "RHSA-2016:0702",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
},
{
"name": "RHSA-2016:0679",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0679.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "RHSA-2016:0678",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0678.html"
}
]
}
}

140
2016/3xxx/CVE-2016-3854.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-3854", "ID": "CVE-2016-3854",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-08-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-08-01.html" "lang": "eng",
}, "value": "drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR897326."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92256", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92256" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name": "92256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92256"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?h=LA.AF.1.2.1_rb1.5&id=cc96def76dfd18fba88575065b29f2ae9191fafa"
}
]
}
}

142
2016/6xxx/CVE-2016-6034.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-6034", "ID": "CVE-2016-6034",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Tivoli Storage Manager for Virtual Environments", "product_name": "Tivoli Storage Manager for Virtual Environments",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.3" "version_value": "6.3"
}, },
{ {
"version_value" : "6.4" "version_value": "6.4"
}, },
{ {
"version_value" : "7.1" "version_value": "7.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21995544", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21995544" "lang": "eng",
}, "value": "IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of privileges."
{ }
"name" : "95976", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95976" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95976",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95976"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21995544",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21995544"
}
]
}
}

34
2016/6xxx/CVE-2016-6324.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6324", "ID": "CVE-2016-6324",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/6xxx/CVE-2016-6407.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-6407", "ID": "CVE-2016-6407",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160914 Cisco Web Security Appliance HTTP Load Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wsa" "lang": "eng",
}, "value": "Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219."
{ }
"name" : "92955", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92955" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036829", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036829" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20160914 Cisco Web Security Appliance HTTP Load Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wsa"
},
{
"name": "1036829",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036829"
},
{
"name": "92955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92955"
}
]
}
}

140
2016/6xxx/CVE-2016-6957.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-6957", "ID": "CVE-2016-6957",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors."
{ }
"name" : "93486", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93486" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036986", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036986" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036986",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036986"
},
{
"name": "93486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93486"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
}
]
}
}

150
2016/7xxx/CVE-2016-7066.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "anemec@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-7066", "ID": "CVE-2016-7066",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "JBoss Enterprise Application Platform", "product_name": "JBoss Enterprise Application Platform",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.1.0" "version_value": "7.1.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Red Hat" "vendor_name": "Red Hat"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C",
"version" : "2.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-266"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066" "lang": "eng",
}, "value": "It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations."
{ }
"name" : "RHSA-2017:3456", ]
"refsource" : "REDHAT", },
"url" : "https://access.redhat.com/errata/RHSA-2017:3456" "impact": {
} "cvss": [
] [
} {
} "vectorString": "6.1/AV:L/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-266"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3456",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3456"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066"
}
]
}
}

170
2016/7xxx/CVE-2016-7143.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7143", "ID": "CVE-2016-7143",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160904 CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/09/04/3" "lang": "eng",
}, "value": "The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter."
{ }
"name" : "[oss-security] 20160905 Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/09/05/8" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824" ]
}, },
{ "references": {
"name" : "DSA-3661", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3661" "name": "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/charybdis-ircd/charybdis/commit/818a3fda944b26d4814132cee14cfda4ea4aa824"
"name" : "92761", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92761" "name": "DSA-3661",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3661"
} },
} {
"name": "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md",
"refsource": "CONFIRM",
"url": "https://github.com/charybdis-ircd/charybdis/blob/charybdis-3.5.3/NEWS.md"
},
{
"name": "92761",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92761"
},
{
"name": "[oss-security] 20160905 Re: CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/05/8"
},
{
"name": "[oss-security] 20160904 CVE ID request: certificate spoofing through crafted SASL message in inspircd, charybdis",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/04/3"
}
]
}
}

140
2016/7xxx/CVE-2016-7410.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7410", "ID": "CVE-2016-7410",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160914 CVE request -libdwarf 06/13/2016 heap-buffer-overflow", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/09/13/5" "lang": "eng",
}, "value": "The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file."
{ }
"name" : "[oss-security] 20160915 Re: CVE request -libdwarf 06/13/2016 heap-buffer-overflow", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/09/15/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92971", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92971" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160914 CVE request -libdwarf 06/13/2016 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/13/5"
},
{
"name": "[oss-security] 20160915 Re: CVE request -libdwarf 06/13/2016 heap-buffer-overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/15/3"
},
{
"name": "92971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92971"
}
]
}
}

34
2016/7xxx/CVE-2016-7486.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-7486", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-7486",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }