admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:44:32 +00:00
parent b99a2ab8c3
commit fb661ab278
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 4717 additions and 4717 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
2006/1xxx/CVE-2006-1580.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1580",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html",
"refsource" : "MISC",
"url" : "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html"
},
{
"name" : "17351",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17351"
},
{
"name" : "ADV-2006-1195",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1195"
},
{
"name" : "24328",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24328"
},
{
"name" : "24329",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/24329"
},
{
"name" : "19492",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19492"
},
{
"name" : "bugzero-query-edit-xss(25601)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25601"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17351"
},
{
"name": "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html"
},
{
"name": "bugzero-query-edit-xss(25601)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25601"
},
{
"name": "ADV-2006-1195",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1195"
},
{
"name": "19492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19492"
},
{
"name": "24328",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24328"
},
{
"name": "24329",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/24329"
}
]
}
}

670
2006/1xxx/CVE-2006-1731.json
View File

@ -1,337 +1,337 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-1731",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-1731",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"name" : "DSA-1044",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1044"
},
{
"name" : "DSA-1046",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1046"
},
{
"name" : "DSA-1051",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1051"
},
{
"name" : "FEDORA-2006-410",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
},
{
"name" : "FEDORA-2006-411",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
},
{
"name" : "FLSA:189137-1",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
},
{
"name" : "FLSA:189137-2",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
},
{
"name" : "GLSA-200604-12",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
},
{
"name" : "GLSA-200604-18",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
},
{
"name" : "GLSA-200605-09",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
},
{
"name" : "HPSBUX02122",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
},
{
"name" : "SSRT061158",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
},
{
"name" : "MDKSA-2006:075",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
},
{
"name" : "MDKSA-2006:076",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
},
{
"name" : "MDKSA-2006:078",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
},
{
"name" : "RHSA-2006:0328",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
},
{
"name" : "RHSA-2006:0329",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
},
{
"name" : "RHSA-2006:0330",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
},
{
"name" : "SCOSA-2006.26",
"refsource" : "SCO",
"url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
},
{
"name" : "20060404-01-U",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
},
{
"name" : "102550",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
},
{
"name" : "228526",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
},
{
"name" : "SUSE-SA:2006:022",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name" : "SUSE-SA:2006:021",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
},
{
"name" : "USN-275-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/275-1/"
},
{
"name" : "USN-276-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/276-1/"
},
{
"name" : "USN-271-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/271-1/"
},
{
"name" : "17516",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17516"
},
{
"name" : "oval:org.mitre.oval:def:9604",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9604"
},
{
"name" : "ADV-2006-1356",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1356"
},
{
"name" : "ADV-2006-3391",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3391"
},
{
"name" : "oval:org.mitre.oval:def:1955",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1955"
},
{
"name" : "19631",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19631"
},
{
"name" : "19759",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19759"
},
{
"name" : "19794",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19794"
},
{
"name" : "19821",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19821"
},
{
"name" : "19811",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19811"
},
{
"name" : "19823",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19823"
},
{
"name" : "19852",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19852"
},
{
"name" : "19862",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19862"
},
{
"name" : "19863",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19863"
},
{
"name" : "19902",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19902"
},
{
"name" : "19950",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19950"
},
{
"name" : "19941",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19941"
},
{
"name" : "19714",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19714"
},
{
"name" : "19721",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19721"
},
{
"name" : "19746",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19746"
},
{
"name" : "21033",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21033"
},
{
"name" : "21622",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21622"
},
{
"name" : "19696",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19696"
},
{
"name" : "19729",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19729"
},
{
"name" : "19780",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19780"
},
{
"name" : "20051",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20051"
},
{
"name" : "mozilla-valueof-xss(25820)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25820"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-275-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/275-1/"
},
{
"name": "RHSA-2006:0330",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html"
},
{
"name": "19902",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19902"
},
{
"name": "20060404-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc"
},
{
"name": "USN-276-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/276-1/"
},
{
"name": "HPSBUX02122",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
},
{
"name": "19941",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19941"
},
{
"name": "19780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19780"
},
{
"name": "RHSA-2006:0328",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html"
},
{
"name": "19821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19821"
},
{
"name": "GLSA-200604-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml"
},
{
"name": "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html"
},
{
"name": "21622",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21622"
},
{
"name": "19862",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19862"
},
{
"name": "MDKSA-2006:075",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm"
},
{
"name": "19823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19823"
},
{
"name": "DSA-1051",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1051"
},
{
"name": "FEDORA-2006-410",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html"
},
{
"name": "USN-271-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/271-1/"
},
{
"name": "oval:org.mitre.oval:def:1955",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1955"
},
{
"name": "19714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19714"
},
{
"name": "RHSA-2006:0329",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html"
},
{
"name": "GLSA-200604-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml"
},
{
"name": "19811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19811"
},
{
"name": "19794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19794"
},
{
"name": "19746",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19746"
},
{
"name": "21033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21033"
},
{
"name": "102550",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1"
},
{
"name": "19696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19696"
},
{
"name": "19759",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19759"
},
{
"name": "SUSE-SA:2006:021",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html"
},
{
"name": "FLSA:189137-2",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded"
},
{
"name": "ADV-2006-1356",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1356"
},
{
"name": "oval:org.mitre.oval:def:9604",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9604"
},
{
"name": "SSRT061158",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded"
},
{
"name": "mozilla-valueof-xss(25820)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25820"
},
{
"name": "MDKSA-2006:078",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078"
},
{
"name": "19729",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19729"
},
{
"name": "20051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20051"
},
{
"name": "19863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19863"
},
{
"name": "SCOSA-2006.26",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt"
},
{
"name": "FLSA:189137-1",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded"
},
{
"name": "17516",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17516"
},
{
"name": "228526",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1"
},
{
"name": "FEDORA-2006-411",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html"
},
{
"name": "19852",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19852"
},
{
"name": "19721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19721"
},
{
"name": "SUSE-SA:2006:022",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_04_25.html"
},
{
"name": "GLSA-200605-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml"
},
{
"name": "ADV-2006-3391",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3391"
},
{
"name": "19631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19631"
},
{
"name": "19950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19950"
},
{
"name": "MDKSA-2006:076",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076"
},
{
"name": "DSA-1046",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1046"
},
{
"name": "DSA-1044",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1044"
}
]
}
}

160
2006/5xxx/CVE-2006-5074.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5074",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2.2 allows remote attackers to inject arbitrary web script or HTML via the alert parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060926 PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/447015/100/0/threaded"
},
{
"name" : "20221",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20221"
},
{
"name" : "ADV-2006-3795",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3795"
},
{
"name" : "22123",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22123"
},
{
"name" : "1652",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1652"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2.2 allows remote attackers to inject arbitrary web script or HTML via the alert parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3795",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3795"
},
{
"name": "20221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20221"
},
{
"name": "20060926 PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447015/100/0/threaded"
},
{
"name": "22123",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22123"
},
{
"name": "1652",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1652"
}
]
}
}

180
2006/5xxx/CVE-2006-5247.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5247",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the (1) des and (2) qty parameters in an add action, and via other unspecified vectors. NOTE: some details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20061010 MHL-2006-001 Public Advisory: \"Eazy Cart\" Multiple Security Issues",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/448094/100/0/threaded"
},
{
"name" : "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt",
"refsource" : "MISC",
"url" : "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt"
},
{
"name" : "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001",
"refsource" : "MISC",
"url" : "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001"
},
{
"name" : "1017041",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017041"
},
{
"name" : "22286",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22286"
},
{
"name" : "1717",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1717"
},
{
"name" : "eazycart-easycart-xss(29421)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29421"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the (1) des and (2) qty parameters in an add action, and via other unspecified vectors. NOTE: some details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1717",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1717"
},
{
"name": "eazycart-easycart-xss(29421)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29421"
},
{
"name": "20061010 MHL-2006-001 Public Advisory: \"Eazy Cart\" Multiple Security Issues",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/448094/100/0/threaded"
},
{
"name": "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001",
"refsource": "MISC",
"url": "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001"
},
{
"name": "1017041",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017041"
},
{
"name": "22286",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22286"
},
{
"name": "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt",
"refsource": "MISC",
"url": "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt"
}
]
}
}

34
2006/5xxx/CVE-2006-5698.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5698",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-5698",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none."
}
]
}
}

160
2006/5xxx/CVE-2006-5862.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-5862",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized (NAV) before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=461986",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=461986"
},
{
"name" : "20995",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20995"
},
{
"name" : "ADV-2006-4447",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4447"
},
{
"name" : "22766",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22766"
},
{
"name" : "nav-web-interface-code-execution(30174)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30174"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized (NAV) before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4447",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4447"
},
{
"name": "22766",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22766"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=461986",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=461986"
},
{
"name": "nav-web-interface-code-execution(30174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30174"
},
{
"name": "20995",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20995"
}
]
}
}

440
2007/2xxx/CVE-2007-2022.json
View File

@ -1,222 +1,222 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2022",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.adobe.com/support/security/advisories/apsa07-03.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/advisories/apsa07-03.html"
},
{
"name" : "http://www.opera.com/support/search/view/858/",
"refsource" : "CONFIRM",
"url" : "http://www.opera.com/support/search/view/858/"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1462",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1462"
},
{
"name" : "GLSA-200708-01",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml"
},
{
"name" : "MDKSA-2007:138",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:138"
},
{
"name" : "RHSA-2007:0494",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0494.html"
},
{
"name" : "20070602-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name" : "103167",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1"
},
{
"name" : "201506",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1"
},
{
"name" : "SUSE-SA:2007:028",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_28_opera.html"
},
{
"name" : "SUSE-SR:2007:012",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_12_sr.html"
},
{
"name" : "SUSE-SA:2007:046",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html"
},
{
"name" : "TA07-192A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-192A.html"
},
{
"name" : "23437",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23437"
},
{
"name" : "oval:org.mitre.oval:def:9332",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332"
},
{
"name" : "ADV-2007-1361",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1361"
},
{
"name" : "ADV-2007-2497",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2497"
},
{
"name" : "ADV-2007-4190",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4190"
},
{
"name" : "1017903",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017903"
},
{
"name" : "24877",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24877"
},
{
"name" : "25027",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25027"
},
{
"name" : "25432",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25432"
},
{
"name" : "25662",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25662"
},
{
"name" : "25669",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25669"
},
{
"name" : "25894",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25894"
},
{
"name" : "25933",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25933"
},
{
"name" : "26027",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26027"
},
{
"name" : "26118",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26118"
},
{
"name" : "26357",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26357"
},
{
"name" : "26860",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26860"
},
{
"name" : "28068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28068"
},
{
"name" : "opera-flash-player-unspecified(33595)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33595"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28068"
},
{
"name": "opera-flash-player-unspecified(33595)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33595"
},
{
"name": "25894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25894"
},
{
"name": "26357",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26357"
},
{
"name": "SUSE-SA:2007:046",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html"
},
{
"name": "26860",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26860"
},
{
"name": "201506",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1"
},
{
"name": "25669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25669"
},
{
"name": "ADV-2007-4190",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4190"
},
{
"name": "MDKSA-2007:138",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:138"
},
{
"name": "https://issues.rpath.com/browse/RPL-1462",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1462"
},
{
"name": "23437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23437"
},
{
"name": "GLSA-200708-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml"
},
{
"name": "24877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24877"
},
{
"name": "26027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26027"
},
{
"name": "SUSE-SR:2007:012",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html"
},
{
"name": "RHSA-2007:0494",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0494.html"
},
{
"name": "TA07-192A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-192A.html"
},
{
"name": "oval:org.mitre.oval:def:9332",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332"
},
{
"name": "ADV-2007-1361",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1361"
},
{
"name": "26118",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26118"
},
{
"name": "http://www.adobe.com/support/security/advisories/apsa07-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/advisories/apsa07-03.html"
},
{
"name": "25027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25027"
},
{
"name": "SUSE-SA:2007:028",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_28_opera.html"
},
{
"name": "http://www.opera.com/support/search/view/858/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/support/search/view/858/"
},
{
"name": "25933",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25933"
},
{
"name": "ADV-2007-2497",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2497"
},
{
"name": "103167",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1"
},
{
"name": "1017903",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017903"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "25662",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25662"
},
{
"name": "25432",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25432"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb07-12.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-12.html"
}
]
}
}

150
2007/2xxx/CVE-2007-2232.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2232",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The CHECK command in Cosign 2.0.1 and earlier allows remote attackers to bypass authentication requirements via CR (\\r) sequences in the cosign cookie parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070411 Cosign SSO Authentication Bypass",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465386/100/100/threaded"
},
{
"name" : "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt",
"refsource" : "CONFIRM",
"url" : "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt"
},
{
"name" : "ADV-2007-1359",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1359"
},
{
"name" : "24845",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24845"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CHECK command in Cosign 2.0.1 and earlier allows remote attackers to bypass authentication requirements via CR (\\r) sequences in the cosign cookie parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070411 Cosign SSO Authentication Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465386/100/100/threaded"
},
{
"name": "24845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24845"
},
{
"name": "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt",
"refsource": "CONFIRM",
"url": "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt"
},
{
"name": "ADV-2007-1359",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1359"
}
]
}
}

130
2007/2xxx/CVE-2007-2384.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2384",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Script.aculo.us framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2384",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf",
"refsource" : "MISC",
"url" : "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf"
},
{
"name" : "43319",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43319"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Script.aculo.us framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf",
"refsource": "MISC",
"url": "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf"
},
{
"name": "43319",
"refsource": "OSVDB",
"url": "http://osvdb.org/43319"
}
]
}
}

140
2007/2xxx/CVE-2007-2631.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2631",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and earlier allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors. NOTE: this issue might overlap CVE-2007-2589 or CVE-2002-1648."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070510 Re: squirrelmail CSRF vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/468253/100/0/threaded"
},
{
"name" : "20070510 squirrelmail CSRF vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/468220/100/0/threaded"
},
{
"name" : "35890",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35890"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and earlier allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors. NOTE: this issue might overlap CVE-2007-2589 or CVE-2002-1648."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070510 Re: squirrelmail CSRF vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468253/100/0/threaded"
},
{
"name": "20070510 squirrelmail CSRF vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468220/100/0/threaded"
},
{
"name": "35890",
"refsource": "OSVDB",
"url": "http://osvdb.org/35890"
}
]
}
}

170
2007/2xxx/CVE-2007-2709.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2709",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2709",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3919",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3919"
},
{
"name" : "23966",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23966"
},
{
"name" : "36054",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36054"
},
{
"name" : "ADV-2007-1800",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1800"
},
{
"name" : "25274",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25274"
},
{
"name" : "nagiosql-prependadm-file-include(34268)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34268"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36054",
"refsource": "OSVDB",
"url": "http://osvdb.org/36054"
},
{
"name": "nagiosql-prependadm-file-include(34268)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34268"
},
{
"name": "25274",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25274"
},
{
"name": "ADV-2007-1800",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1800"
},
{
"name": "23966",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23966"
},
{
"name": "3919",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3919"
}
]
}
}

150
2007/6xxx/CVE-2007-6575.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6575",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6575",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4776",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4776"
},
{
"name" : "26995",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26995"
},
{
"name" : "39761",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39761"
},
{
"name" : "mmslamp-default-sql-injection(39220)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39220"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mmslamp-default-sql-injection(39220)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39220"
},
{
"name": "39761",
"refsource": "OSVDB",
"url": "http://osvdb.org/39761"
},
{
"name": "26995",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26995"
},
{
"name": "4776",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4776"
}
]
}
}

180
2010/0xxx/CVE-2010-0633.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-0633",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.citrix.com/article/CTX123193",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX123193"
},
{
"name" : "http://support.citrix.com/article/CTX123456",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX123456"
},
{
"name" : "http://support.citrix.com/article/CTX123460",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX123460"
},
{
"name" : "38052",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38052"
},
{
"name" : "1023530",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023530"
},
{
"name" : "38431",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38431"
},
{
"name" : "ADV-2010-0290",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0290"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.citrix.com/article/CTX123456",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX123456"
},
{
"name": "http://support.citrix.com/article/CTX123193",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX123193"
},
{
"name": "http://support.citrix.com/article/CTX123460",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX123460"
},
{
"name": "38431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38431"
},
{
"name": "ADV-2010-0290",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0290"
},
{
"name": "1023530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023530"
},
{
"name": "38052",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38052"
}
]
}
}

130
2010/1xxx/CVE-2010-1010.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1010",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
},
{
"name" : "38792",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/38792"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/"
},
{
"name": "38792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38792"
}
]
}
}

130
2010/1xxx/CVE-2010-1089.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1089",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt"
},
{
"name" : "38763",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/38763"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt"
},
{
"name": "38763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38763"
}
]
}
}

410
2010/1xxx/CVE-2010-1202.json
View File

@ -1,207 +1,207 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1202",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=424558",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=424558"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=526449",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=526449"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561031",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561031"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561592",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561592"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100091069",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100091069"
},
{
"name" : "FEDORA-2010-10344",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html"
},
{
"name" : "FEDORA-2010-10361",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html"
},
{
"name" : "MDVSA-2010:125",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:125"
},
{
"name" : "RHSA-2010:0500",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0500.html"
},
{
"name" : "RHSA-2010:0501",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0501.html"
},
{
"name" : "SUSE-SA:2010:030",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html"
},
{
"name" : "USN-930-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-930-1"
},
{
"name" : "USN-930-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-930-2"
},
{
"name" : "41050",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41050"
},
{
"name" : "41094",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41094"
},
{
"name" : "oval:org.mitre.oval:def:10889",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10889"
},
{
"name" : "oval:org.mitre.oval:def:14308",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14308"
},
{
"name" : "1024138",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024138"
},
{
"name" : "1024139",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024139"
},
{
"name" : "40323",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40323"
},
{
"name" : "40326",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40326"
},
{
"name" : "40401",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40401"
},
{
"name" : "40481",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40481"
},
{
"name" : "ADV-2010-1551",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1551"
},
{
"name" : "ADV-2010-1557",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1557"
},
{
"name" : "ADV-2010-1640",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1640"
},
{
"name" : "ADV-2010-1773",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1773"
},
{
"name" : "ADV-2010-1592",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1592"
},
{
"name" : "firefox-javascript-ce(59661)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59661"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40481",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40481"
},
{
"name": "USN-930-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-930-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=561031",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=561031"
},
{
"name": "FEDORA-2010-10361",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html"
},
{
"name": "1024138",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024138"
},
{
"name": "ADV-2010-1640",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1640"
},
{
"name": "41050",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41050"
},
{
"name": "RHSA-2010:0501",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0501.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=526449",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526449"
},
{
"name": "ADV-2010-1557",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1557"
},
{
"name": "MDVSA-2010:125",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:125"
},
{
"name": "ADV-2010-1773",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1773"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=424558",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=424558"
},
{
"name": "firefox-javascript-ce(59661)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59661"
},
{
"name": "ADV-2010-1592",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1592"
},
{
"name": "oval:org.mitre.oval:def:10889",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10889"
},
{
"name": "USN-930-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-930-2"
},
{
"name": "ADV-2010-1551",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1551"
},
{
"name": "RHSA-2010:0500",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0500.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=561592",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=561592"
},
{
"name": "SUSE-SA:2010:030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html"
},
{
"name": "40323",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40323"
},
{
"name": "41094",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41094"
},
{
"name": "40401",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40401"
},
{
"name": "oval:org.mitre.oval:def:14308",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14308"
},
{
"name": "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html"
},
{
"name": "FEDORA-2010-10344",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html"
},
{
"name": "40326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40326"
},
{
"name": "http://support.avaya.com/css/P8/documents/100091069",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100091069"
},
{
"name": "1024139",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024139"
}
]
}
}

180
2010/1xxx/CVE-2010-1348.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1348",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "PM08667",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667"
},
{
"name" : "39306",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/39306"
},
{
"name" : "63594",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/63594"
},
{
"name" : "1023830",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1023830"
},
{
"name" : "39305",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39305"
},
{
"name" : "ADV-2010-0829",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0829"
},
{
"name" : "websphere-login-unspecified(57613)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57613"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "63594",
"refsource": "OSVDB",
"url": "http://osvdb.org/63594"
},
{
"name": "39306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39306"
},
{
"name": "39305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39305"
},
{
"name": "ADV-2010-0829",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0829"
},
{
"name": "1023830",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023830"
},
{
"name": "PM08667",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667"
},
{
"name": "websphere-login-unspecified(57613)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57613"
}
]
}
}

310
2010/1xxx/CVE-2010-1394.json
View File

@ -1,157 +1,157 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1394",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2010-1394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.apple.com/kb/HT4196",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4196"
},
{
"name" : "http://support.apple.com/kb/HT4225",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4225"
},
{
"name" : "http://support.apple.com/kb/HT4456",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4456"
},
{
"name" : "APPLE-SA-2010-06-07-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html"
},
{
"name" : "APPLE-SA-2010-06-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name" : "APPLE-SA-2010-11-22-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
},
{
"name" : "MDVSA-2011:039",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
},
{
"name" : "SUSE-SR:2011:002",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name" : "USN-1006-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1006-1"
},
{
"name" : "40620",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/40620"
},
{
"name" : "oval:org.mitre.oval:def:7552",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7552"
},
{
"name" : "1024067",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1024067"
},
{
"name" : "40105",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40105"
},
{
"name" : "41856",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41856"
},
{
"name" : "42314",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42314"
},
{
"name" : "43068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43068"
},
{
"name" : "ADV-2010-1373",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1373"
},
{
"name" : "ADV-2010-2722",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2722"
},
{
"name" : "ADV-2011-0212",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name" : "ADV-2011-0552",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0552"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:039",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
},
{
"name": "ADV-2010-2722",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2722"
},
{
"name": "43068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43068"
},
{
"name": "USN-1006-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1006-1"
},
{
"name": "41856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41856"
},
{
"name": "ADV-2011-0212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0212"
},
{
"name": "http://support.apple.com/kb/HT4225",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4225"
},
{
"name": "APPLE-SA-2010-06-07-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html"
},
{
"name": "40105",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40105"
},
{
"name": "ADV-2010-1373",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1373"
},
{
"name": "SUSE-SR:2011:002",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html"
},
{
"name": "oval:org.mitre.oval:def:7552",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7552"
},
{
"name": "42314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42314"
},
{
"name": "40620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40620"
},
{
"name": "ADV-2011-0552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0552"
},
{
"name": "http://support.apple.com/kb/HT4456",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4456"
},
{
"name": "1024067",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024067"
},
{
"name": "http://support.apple.com/kb/HT4196",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4196"
},
{
"name": "APPLE-SA-2010-06-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html"
},
{
"name": "APPLE-SA-2010-11-22-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
}
]
}
}

210
2010/1xxx/CVE-2010-1665.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-1665",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=42294",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=42294"
},
{
"name" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html"
},
{
"name" : "MDVSA-2011:039",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
},
{
"name" : "USN-1006-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1006-1"
},
{
"name" : "oval:org.mitre.oval:def:7034",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7034"
},
{
"name" : "39651",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/39651"
},
{
"name" : "41856",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41856"
},
{
"name" : "ADV-2010-1016",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1016"
},
{
"name" : "ADV-2010-2722",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2722"
},
{
"name" : "ADV-2011-0552",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0552"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:039",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039"
},
{
"name": "ADV-2010-2722",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2722"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=42294",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=42294"
},
{
"name": "USN-1006-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1006-1"
},
{
"name": "41856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41856"
},
{
"name": "39651",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39651"
},
{
"name": "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html"
},
{
"name": "ADV-2010-1016",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1016"
},
{
"name": "oval:org.mitre.oval:def:7034",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7034"
},
{
"name": "ADV-2011-0552",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0552"
}
]
}
}

660
2010/4xxx/CVE-2010-4180.json
View File

@ -1,332 +1,332 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4180",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://cvs.openssl.org/chngview?cn=20131",
"refsource" : "CONFIRM",
"url" : "http://cvs.openssl.org/chngview?cn=20131"
},
{
"name" : "http://openssl.org/news/secadv_20101202.txt",
"refsource" : "CONFIRM",
"url" : "http://openssl.org/news/secadv_20101202.txt"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=659462",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=659462"
},
{
"name" : "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST",
"refsource" : "CONFIRM",
"url" : "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST"
},
{
"name" : "http://support.apple.com/kb/HT4723",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4723"
},
{
"name" : "APPLE-SA-2011-06-23-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name" : "DSA-2141",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2141"
},
{
"name" : "FEDORA-2010-18765",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html"
},
{
"name" : "FEDORA-2010-18736",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html"
},
{
"name" : "HPSBMA02658",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
},
{
"name" : "SSRT100413",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
},
{
"name" : "HPSBHF02706",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=132077688910227&w=2"
},
{
"name" : "SSRT100613",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=132077688910227&w=2"
},
{
"name" : "HPSBMU02759",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/522176"
},
{
"name" : "SSRT100817",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/522176"
},
{
"name" : "HPSBOV02670",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130497251507577&w=2"
},
{
"name" : "HPSBUX02638",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=129916880600544&w=2"
},
{
"name" : "SSRT100339",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=129916880600544&w=2"
},
{
"name" : "SSRT100475",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=130497251507577&w=2"
},
{
"name" : "MDVSA-2010:248",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248"
},
{
"name" : "RHSA-2010:0979",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0979.html"
},
{
"name" : "RHSA-2010:0977",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0977.html"
},
{
"name" : "RHSA-2010:0978",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0978.html"
},
{
"name" : "RHSA-2011:0896",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
},
{
"name" : "SSA:2010-340-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471"
},
{
"name" : "SUSE-SR:2011:001",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
},
{
"name" : "SUSE-SU-2011:0847",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
},
{
"name" : "openSUSE-SU-2011:0845",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
},
{
"name" : "SUSE-SR:2011:009",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name" : "USN-1029-1",
"refsource" : "UBUNTU",
"url" : "http://ubuntu.com/usn/usn-1029-1"
},
{
"name" : "VU#737740",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/737740"
},
{
"name" : "45164",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45164"
},
{
"name" : "69565",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/69565"
},
{
"name" : "oval:org.mitre.oval:def:18910",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"
},
{
"name" : "1024822",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024822"
},
{
"name" : "42473",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42473"
},
{
"name" : "42469",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42469"
},
{
"name" : "42493",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42493"
},
{
"name" : "42571",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42571"
},
{
"name" : "42620",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42620"
},
{
"name" : "42811",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42811"
},
{
"name" : "42877",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42877"
},
{
"name" : "43169",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43169"
},
{
"name" : "43170",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43170"
},
{
"name" : "43171",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43171"
},
{
"name" : "43172",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43172"
},
{
"name" : "43173",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43173"
},
{
"name" : "44269",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44269"
},
{
"name" : "ADV-2010-3120",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3120"
},
{
"name" : "ADV-2010-3122",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3122"
},
{
"name" : "ADV-2010-3134",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3134"
},
{
"name" : "ADV-2010-3188",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/3188"
},
{
"name" : "ADV-2011-0032",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0032"
},
{
"name" : "ADV-2011-0076",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0076"
},
{
"name" : "ADV-2011-0268",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0268"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SR:2011:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
},
{
"name": "1024822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024822"
},
{
"name": "42473",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42473"
},
{
"name": "42571",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42571"
},
{
"name": "43170",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43170"
},
{
"name": "SSA:2010-340-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471"
},
{
"name": "ADV-2011-0268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0268"
},
{
"name": "SUSE-SR:2011:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"name": "http://support.apple.com/kb/HT4723",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4723"
},
{
"name": "SUSE-SU-2011:0847",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
},
{
"name": "42493",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42493"
},
{
"name": "43173",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43173"
},
{
"name": "FEDORA-2010-18765",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html"
},
{
"name": "ADV-2011-0032",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0032"
},
{
"name": "openSUSE-SU-2011:0845",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
},
{
"name": "43171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43171"
},
{
"name": "42620",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42620"
},
{
"name": "SSRT100817",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "APPLE-SA-2011-06-23-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
},
{
"name": "USN-1029-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1029-1"
},
{
"name": "ADV-2010-3120",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3120"
},
{
"name": "FEDORA-2010-18736",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html"
},
{
"name": "ADV-2010-3122",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3122"
},
{
"name": "43169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43169"
},
{
"name": "43172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43172"
},
{
"name": "HPSBHF02706",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2"
},
{
"name": "45164",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45164"
},
{
"name": "69565",
"refsource": "OSVDB",
"url": "http://osvdb.org/69565"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=659462",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=659462"
},
{
"name": "VU#737740",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/737740"
},
{
"name": "42469",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42469"
},
{
"name": "HPSBMU02759",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/522176"
},
{
"name": "SSRT100475",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"
},
{
"name": "42877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42877"
},
{
"name": "http://cvs.openssl.org/chngview?cn=20131",
"refsource": "CONFIRM",
"url": "http://cvs.openssl.org/chngview?cn=20131"
},
{
"name": "RHSA-2010:0977",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"
},
{
"name": "HPSBMA02658",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
},
{
"name": "SSRT100413",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
},
{
"name": "ADV-2010-3134",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3134"
},
{
"name": "ADV-2010-3188",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3188"
},
{
"name": "oval:org.mitre.oval:def:18910",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"
},
{
"name": "HPSBUX02638",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2"
},
{
"name": "ADV-2011-0076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0076"
},
{
"name": "http://openssl.org/news/secadv_20101202.txt",
"refsource": "CONFIRM",
"url": "http://openssl.org/news/secadv_20101202.txt"
},
{
"name": "RHSA-2010:0978",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0978.html"
},
{
"name": "44269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44269"
},
{
"name": "RHSA-2011:0896",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
},
{
"name": "DSA-2141",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2141"
},
{
"name": "HPSBOV02670",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2"
},
{
"name": "SSRT100613",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2"
},
{
"name": "SSRT100339",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2"
},
{
"name": "MDVSA-2010:248",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248"
},
{
"name": "RHSA-2010:0979",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0979.html"
},
{
"name": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST",
"refsource": "CONFIRM",
"url": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST"
},
{
"name": "42811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42811"
}
]
}
}

34
2010/4xxx/CVE-2010-4660.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4660",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4660",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2010/4xxx/CVE-2010-4807.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4807",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated users to cause a denial of service (infinite recursive query) via unspecified vectors, related to a StackOverflowError exception."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg24029452",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg24029452"
},
{
"name" : "PM36141",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM36141"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated users to cause a denial of service (infinite recursive query) via unspecified vectors, related to a StackOverflowError exception."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg24029452",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg24029452"
},
{
"name": "PM36141",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM36141"
}
]
}
}

150
2010/4xxx/CVE-2010-4814.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-4814",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "15531",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15531"
},
{
"name" : "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt"
},
{
"name" : "44854",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/44854"
},
{
"name" : "ahbs-index1-sql-injection(63268)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63268"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44854",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44854"
},
{
"name": "15531",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15531"
},
{
"name": "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt"
},
{
"name": "ahbs-index1-sql-injection(63268)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63268"
}
]
}
}

130
2010/5xxx/CVE-2010-5225.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5225",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local users to gain privileges via a Trojan horse BESExtension.dll file in the current working directory, as demonstrated by a directory that contains a .bgl file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/",
"refsource" : "MISC",
"url" : "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/"
},
{
"name" : "42489",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42489"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local users to gain privileges via a Trojan horse BESExtension.dll file in the current working directory, as demonstrated by a directory that contains a .bgl file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42489",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42489"
},
{
"name": "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/",
"refsource": "MISC",
"url": "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/"
}
]
}
}

130
2014/0xxx/CVE-2014-0546.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0546",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://helpx.adobe.com/security/products/reader/apsb14-19.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/reader/apsb14-19.html"
},
{
"name" : "1030711",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030711"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://helpx.adobe.com/security/products/reader/apsb14-19.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/reader/apsb14-19.html"
},
{
"name": "1030711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030711"
}
]
}
}

200
2014/0xxx/CVE-2014-0548.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0548",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2014-0548",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html",
"refsource" : "CONFIRM",
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html"
},
{
"name" : "GLSA-201409-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201409-05.xml"
},
{
"name" : "SUSE-SU-2014:1124",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html"
},
{
"name" : "openSUSE-SU-2014:1110",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html"
},
{
"name" : "openSUSE-SU-2014:1130",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html"
},
{
"name" : "69705",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69705"
},
{
"name" : "1030822",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030822"
},
{
"name" : "61089",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61089"
},
{
"name" : "adobe-flash-cve20140548-sec-bypass(95818)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95818"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "adobe-flash-cve20140548-sec-bypass(95818)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95818"
},
{
"name": "GLSA-201409-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201409-05.xml"
},
{
"name": "61089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61089"
},
{
"name": "openSUSE-SU-2014:1130",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html"
},
{
"name": "openSUSE-SU-2014:1110",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html"
},
{
"name": "SUSE-SU-2014:1124",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html"
},
{
"name": "69705",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69705"
},
{
"name": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html",
"refsource": "CONFIRM",
"url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html"
},
{
"name": "1030822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030822"
}
]
}
}

34
2014/0xxx/CVE-2014-0971.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0971",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-0971",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2014/1xxx/CVE-2014-1777.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1777",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to read local files on the client via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-1777",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS14-035",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
},
{
"name" : "67869",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67869"
},
{
"name" : "1030370",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030370"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to read local files on the client via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1030370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030370"
},
{
"name": "67869",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67869"
},
{
"name": "MS14-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
}
]
}
}

34
2014/1xxx/CVE-2014-1873.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1873",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1873",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

240
2014/1xxx/CVE-2014-1875.json
View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1875",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2014-1875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20140206 CVE Request: Capture::Tiny: insecure use of /tmp",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q1/267"
},
{
"name" : "[oss-security] 20140206 Re: CVE Request: Capture::Tiny: insecure use of /tmp",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2014/q1/272"
},
{
"name" : "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes",
"refsource" : "CONFIRM",
"url" : "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes"
},
{
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835",
"refsource" : "CONFIRM",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1062424",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1062424"
},
{
"name" : "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924",
"refsource" : "CONFIRM",
"url" : "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924"
},
{
"name" : "https://github.com/dagolden/Capture-Tiny/issues/16",
"refsource" : "CONFIRM",
"url" : "https://github.com/dagolden/Capture-Tiny/issues/16"
},
{
"name" : "FEDORA-2014-2261",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128823.html"
},
{
"name" : "FEDORA-2014-2321",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128882.html"
},
{
"name" : "65475",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/65475"
},
{
"name" : "102963",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/102963"
},
{
"name" : "56823",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/56823"
},
{
"name" : "capturetiny-perl-symlink(91464)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91464"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65475",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65475"
},
{
"name": "capturetiny-perl-symlink(91464)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91464"
},
{
"name": "56823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56823"
},
{
"name": "FEDORA-2014-2261",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128823.html"
},
{
"name": "102963",
"refsource": "OSVDB",
"url": "http://osvdb.org/102963"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062424",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062424"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835"
},
{
"name": "FEDORA-2014-2321",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128882.html"
},
{
"name": "[oss-security] 20140206 CVE Request: Capture::Tiny: insecure use of /tmp",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/267"
},
{
"name": "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes",
"refsource": "CONFIRM",
"url": "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes"
},
{
"name": "[oss-security] 20140206 Re: CVE Request: Capture::Tiny: insecure use of /tmp",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/272"
},
{
"name": "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924",
"refsource": "CONFIRM",
"url": "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924"
},
{
"name": "https://github.com/dagolden/Capture-Tiny/issues/16",
"refsource": "CONFIRM",
"url": "https://github.com/dagolden/Capture-Tiny/issues/16"
}
]
}
}

180
2014/4xxx/CVE-2014-4212.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4212",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name" : "68638",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68638"
},
{
"name" : "oracle-cpujul2014-cve20144212(94556)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94556"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "68638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68638"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name": "oracle-cpujul2014-cve20144212(94556)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94556"
}
]
}
}

170
2014/4xxx/CVE-2014-4255.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4255",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Security and Policy."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-4255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name" : "68575",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68575"
},
{
"name" : "oracle-cpujul2014-cve20144255(94544)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94544"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Security and Policy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68575"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
},
{
"name": "oracle-cpujul2014-cve20144255(94544)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94544"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
},
{
"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/23"
}
]
}
}

150
2014/4xxx/CVE-2014-4736.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4736",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20140723 SQL Injection in Ð?2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/532867/100/0/threaded"
},
{
"name" : "https://www.htbridge.com/advisory/HTB23222",
"refsource" : "MISC",
"url" : "https://www.htbridge.com/advisory/HTB23222"
},
{
"name" : "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html"
},
{
"name" : "68843",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68843"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68843"
},
{
"name": "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html"
},
{
"name": "20140723 SQL Injection in Ð?2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532867/100/0/threaded"
},
{
"name": "https://www.htbridge.com/advisory/HTB23222",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23222"
}
]
}
}

170
2014/4xxx/CVE-2014-4823.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-4823",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-4823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684466",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name" : "IV64910",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
},
{
"name" : "IV64919",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name" : "61278",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61278"
},
{
"name" : "61294",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/61294"
},
{
"name" : "ibm-sam-cve20144823-command-injection(95573)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466"
},
{
"name": "ibm-sam-cve20144823-command-injection(95573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573"
},
{
"name": "IV64919",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919"
},
{
"name": "61294",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61294"
},
{
"name": "61278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61278"
},
{
"name": "IV64910",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910"
}
]
}
}

150
2014/9xxx/CVE-2014-9129.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9129",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the addons_title parameter in the CMDM_admin_settings page to wp-admin/admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20141202 CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/534132/100/0/threaded"
},
{
"name" : "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html"
},
{
"name" : "https://downloadsmanager.cminds.com/release-notes/",
"refsource" : "CONFIRM",
"url" : "https://downloadsmanager.cminds.com/release-notes/"
},
{
"name" : "71418",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/71418"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the addons_title parameter in the CMDM_admin_settings page to wp-admin/admin.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://downloadsmanager.cminds.com/release-notes/",
"refsource": "CONFIRM",
"url": "https://downloadsmanager.cminds.com/release-notes/"
},
{
"name": "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html"
},
{
"name": "20141202 CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/534132/100/0/threaded"
},
{
"name": "71418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71418"
}
]
}
}

34
2014/9xxx/CVE-2014-9553.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9553",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9553",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2014/9xxx/CVE-2014-9604.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9604",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f"
},
{
"name" : "GLSA-201603-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-06"
},
{
"name" : "USN-2534-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2534-1"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f"
},
{
"name": "USN-2534-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2534-1"
},
{
"name": "GLSA-201603-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-06"
}
]
}
}

220
2014/9xxx/CVE-2014-9970.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-9970",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "jasypt before 1.9.2 allows a timing attack against the password hash comparison."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-9970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://sourceforge.net/p/jasypt/code/668/",
"refsource" : "CONFIRM",
"url" : "https://sourceforge.net/p/jasypt/code/668/"
},
{
"name" : "RHSA-2017:3141",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:3141"
},
{
"name" : "RHSA-2017:2808",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name" : "RHSA-2017:2809",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name" : "RHSA-2017:2810",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name" : "RHSA-2017:2811",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2811"
},
{
"name" : "RHSA-2017:2546",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2546"
},
{
"name" : "RHSA-2017:2547",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2547"
},
{
"name" : "RHSA-2018:0294",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:0294"
},
{
"name" : "1039744",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039744"
},
{
"name" : "1040360",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040360"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "jasypt before 1.9.2 allows a timing attack against the password hash comparison."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040360",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040360"
},
{
"name": "RHSA-2017:2809",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2809"
},
{
"name": "RHSA-2017:2547",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2547"
},
{
"name": "RHSA-2017:2810",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2810"
},
{
"name": "1039744",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039744"
},
{
"name": "RHSA-2018:0294",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0294"
},
{
"name": "RHSA-2017:2808",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2808"
},
{
"name": "RHSA-2017:2546",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2546"
},
{
"name": "https://sourceforge.net/p/jasypt/code/668/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/jasypt/code/668/"
},
{
"name": "RHSA-2017:3141",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3141"
},
{
"name": "RHSA-2017:2811",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2811"
}
]
}
}

150
2016/3xxx/CVE-2016-3202.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3202",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-3202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-063",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063"
},
{
"name" : "MS16-068",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068"
},
{
"name" : "1036096",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036096"
},
{
"name" : "1036099",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036099"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS16-063",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063"
},
{
"name": "1036099",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036099"
},
{
"name": "1036096",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036096"
},
{
"name": "MS16-068",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068"
}
]
}
}

150
2016/3xxx/CVE-2016-3569.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3569",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3570, CVE-2016-3571, and CVE-2016-3573."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-3569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91859",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91859"
},
{
"name" : "1036393",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036393"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3570, CVE-2016-3571, and CVE-2016-3573."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "91859",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91859"
},
{
"name": "1036393",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036393"
}
]
}
}

160
2016/3xxx/CVE-2016-3619.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3619",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the \"-c none\" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160407 CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/07/1"
},
{
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2567",
"refsource" : "MISC",
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2567"
},
{
"name" : "GLSA-201701-16",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-16"
},
{
"name" : "85919",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/85919"
},
{
"name" : "1035508",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035508"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the \"-c none\" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035508",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035508"
},
{
"name": "[oss-security] 20160407 CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/07/1"
},
{
"name": "GLSA-201701-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-16"
},
{
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2567",
"refsource": "MISC",
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2567"
},
{
"name": "85919",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85919"
}
]
}
}

130
2016/3xxx/CVE-2016-3842.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3842",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name" : "92220",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92220"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"name": "92220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92220"
}
]
}
}

200
2016/3xxx/CVE-2016-3960.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-3960",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-3960",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://xenbits.xen.org/xsa/advisory-173.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-173.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name" : "http://support.citrix.com/article/CTX209443",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX209443"
},
{
"name" : "DSA-3554",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3554"
},
{
"name" : "FEDORA-2016-35d7b09908",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html"
},
{
"name" : "FEDORA-2016-48e72b7bc5",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html"
},
{
"name" : "FEDORA-2016-75063477ca",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html"
},
{
"name" : "86318",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/86318"
},
{
"name" : "1035587",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035587"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "1035587",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035587"
},
{
"name": "FEDORA-2016-48e72b7bc5",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html"
},
{
"name": "FEDORA-2016-35d7b09908",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-173.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-173.html"
},
{
"name": "FEDORA-2016-75063477ca",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html"
},
{
"name": "http://support.citrix.com/article/CTX209443",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX209443"
},
{
"name": "86318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86318"
},
{
"name": "DSA-3554",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3554"
}
]
}
}

162
2016/6xxx/CVE-2016-6021.json
View File

@ -1,83 +1,83 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-08-04T00:00:00",
"ID" : "CVE-2016-6021",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Emptoris Strategic Supply Management",
"version" : {
"version_data" : [
{
"version_value" : "10.0.0.0"
},
{
"version_value" : "10.0.1.0"
},
{
"version_value" : "10.0.2.0"
},
{
"version_value" : "10.0.4.0"
},
{
"version_value" : "10.1.0.0"
},
{
"version_value" : "10.1.1.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116755."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-04T00:00:00",
"ID": "CVE-2016-6021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Emptoris Strategic Supply Management",
"version": {
"version_data": [
{
"version_value": "10.0.0.0"
},
{
"version_value": "10.0.1.0"
},
{
"version_value": "10.0.2.0"
},
{
"version_value": "10.0.4.0"
},
{
"version_value": "10.1.0.0"
},
{
"version_value": "10.1.1.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22006799",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22006799"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116755."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006799",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006799"
}
]
}
}

160
2016/6xxx/CVE-2016-6283.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6283",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-6283",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "40989",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/40989/"
},
{
"name" : "20170103 Persisted Cross-Site Scripting (XSS) in Confluence Jira Software",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2017/Jan/3"
},
{
"name" : "20170106 Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2017/Jan/12"
},
{
"name" : "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html"
},
{
"name" : "95288",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95288"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95288"
},
{
"name": "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html"
},
{
"name": "20170106 Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2017/Jan/12"
},
{
"name": "20170103 Persisted Cross-Site Scripting (XSS) in Confluence Jira Software",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2017/Jan/3"
},
{
"name": "40989",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40989/"
}
]
}
}

140
2016/7xxx/CVE-2016-7254.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2016-7254",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka \"SQL RDBMS Engine Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-7254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-136",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136"
},
{
"name" : "94061",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94061"
},
{
"name" : "1037250",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037250"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka \"SQL RDBMS Engine Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037250",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037250"
},
{
"name": "MS16-136",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136"
},
{
"name": "94061",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94061"
}
]
}
}

34
2016/7xxx/CVE-2016-7357.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7357",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7357",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

34
2016/7xxx/CVE-2016-7682.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7682",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7682",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

34
2016/7xxx/CVE-2016-7756.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-7756",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-7756",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

140
2016/7xxx/CVE-2016-7811.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2016-7811",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "CG-WLR300NX",
"version" : {
"version_data" : [
{
"version_value" : "firmware Ver. 1.20 and earlier"
}
]
}
}
]
},
"vendor_name" : "Corega Inc"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Fails to restrict access"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7811",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CG-WLR300NX",
"version": {
"version_data": [
{
"version_value": "firmware Ver. 1.20 and earlier"
}
]
}
}
]
},
"vendor_name": "Corega Inc"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://corega.jp/support/security/20161111_wlr300nx.htm",
"refsource" : "CONFIRM",
"url" : "http://corega.jp/support/security/20161111_wlr300nx.htm"
},
{
"name" : "JVN#23549283",
"refsource" : "JVN",
"url" : "https://jvn.jp/en/jp/JVN23549283/index.html"
},
{
"name" : "94248",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94248"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Fails to restrict access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#23549283",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN23549283/index.html"
},
{
"name": "http://corega.jp/support/security/20161111_wlr300nx.htm",
"refsource": "CONFIRM",
"url": "http://corega.jp/support/security/20161111_wlr300nx.htm"
},
{
"name": "94248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94248"
}
]
}
}

130
2016/8xxx/CVE-2016-8221.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@lenovo.com",
"ID" : "CVE-2016-8221",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "XClarity Administrator (LXCA)",
"version" : {
"version_data" : [
{
"version_value" : "1.2.0"
}
]
}
}
]
},
"vendor_name" : "Lenovo Group Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unspecified"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"ID": "CVE-2016-8221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "XClarity Administrator (LXCA)",
"version": {
"version_data": [
{
"version_value": "1.2.0"
}
]
}
}
]
},
"vendor_name": "Lenovo Group Ltd."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.lenovo.com/us/en/product_security/LEN_10605",
"refsource" : "CONFIRM",
"url" : "https://support.lenovo.com/us/en/product_security/LEN_10605"
},
{
"name" : "95417",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95417"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95417"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN_10605",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN_10605"
}
]
}
}

34
2016/8xxx/CVE-2016-8266.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8266",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8266",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

136
2016/8xxx/CVE-2016-8452.json
View File

@ -1,70 +1,70 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-8452",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Kernel-3.10"
},
{
"version_value" : "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. References: QC-CR#1050323."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-8452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Kernel-3.10"
},
{
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name" : "95275",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95275"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. References: QC-CR#1050323."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name": "95275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95275"
}
]
}
}

242
2016/8xxx/CVE-2016-8623.json
View File

@ -1,123 +1,123 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psampaio@redhat.com",
"ID" : "CVE-2016-8623",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "curl",
"version" : {
"version_data" : [
{
"version_value" : "7.51.0"
}
]
}
}
]
},
"vendor_name" : "The Curl Project"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "3.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version" : "3.0"
}
],
[
{
"vectorString" : "4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version" : "2.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-416"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-8623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "curl",
"version": {
"version_data": [
{
"version_value": "7.51.0"
}
]
}
}
]
},
"vendor_name": "The Curl Project"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://curl.haxx.se/docs/adv_20161102I.html",
"refsource" : "CONFIRM",
"url" : "https://curl.haxx.se/docs/adv_20161102I.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623"
},
{
"name" : "https://curl.haxx.se/CVE-2016-8623.patch",
"refsource" : "CONFIRM",
"url" : "https://curl.haxx.se/CVE-2016-8623.patch"
},
{
"name" : "https://www.tenable.com/security/tns-2016-21",
"refsource" : "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2016-21"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name" : "GLSA-201701-47",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-47"
},
{
"name" : "RHSA-2018:2486",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name" : "RHSA-2018:3558",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name" : "94106",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94106"
},
{
"name" : "1037192",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037192"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
[
{
"vectorString": "4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623"
},
{
"name": "RHSA-2018:3558",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3558"
},
{
"name": "https://curl.haxx.se/docs/adv_20161102I.html",
"refsource": "CONFIRM",
"url": "https://curl.haxx.se/docs/adv_20161102I.html"
},
{
"name": "94106",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94106"
},
{
"name": "https://www.tenable.com/security/tns-2016-21",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-21"
},
{
"name": "1037192",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037192"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
},
{
"name": "https://curl.haxx.se/CVE-2016-8623.patch",
"refsource": "CONFIRM",
"url": "https://curl.haxx.se/CVE-2016-8623.patch"
},
{
"name": "RHSA-2018:2486",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2486"
},
{
"name": "GLSA-201701-47",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-47"
}
]
}
}

34
2016/8xxx/CVE-2016-8854.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8854",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8854",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

120
2016/9xxx/CVE-2016-9596.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-9596",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-9596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1408302",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1408302"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1408302",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408302"
}
]
}
}

34
2016/9xxx/CVE-2016-9616.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9616",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-9616",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}