From fb661ab278ccca3b36f0a3c2216e78d25e12b7f2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:44:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/1xxx/CVE-2006-1580.json | 180 +++++----- 2006/1xxx/CVE-2006-1731.json | 670 +++++++++++++++++------------------ 2006/5xxx/CVE-2006-5074.json | 160 ++++----- 2006/5xxx/CVE-2006-5247.json | 180 +++++----- 2006/5xxx/CVE-2006-5698.json | 34 +- 2006/5xxx/CVE-2006-5862.json | 160 ++++----- 2007/2xxx/CVE-2007-2022.json | 440 +++++++++++------------ 2007/2xxx/CVE-2007-2232.json | 150 ++++---- 2007/2xxx/CVE-2007-2384.json | 130 +++---- 2007/2xxx/CVE-2007-2631.json | 140 ++++---- 2007/2xxx/CVE-2007-2709.json | 170 ++++----- 2007/6xxx/CVE-2007-6575.json | 150 ++++---- 2010/0xxx/CVE-2010-0633.json | 180 +++++----- 2010/1xxx/CVE-2010-1010.json | 130 +++---- 2010/1xxx/CVE-2010-1089.json | 130 +++---- 2010/1xxx/CVE-2010-1202.json | 410 ++++++++++----------- 2010/1xxx/CVE-2010-1348.json | 180 +++++----- 2010/1xxx/CVE-2010-1394.json | 310 ++++++++-------- 2010/1xxx/CVE-2010-1665.json | 210 +++++------ 2010/4xxx/CVE-2010-4180.json | 660 +++++++++++++++++----------------- 2010/4xxx/CVE-2010-4660.json | 34 +- 2010/4xxx/CVE-2010-4807.json | 130 +++---- 2010/4xxx/CVE-2010-4814.json | 150 ++++---- 2010/5xxx/CVE-2010-5225.json | 130 +++---- 2014/0xxx/CVE-2014-0546.json | 130 +++---- 2014/0xxx/CVE-2014-0548.json | 200 +++++------ 2014/0xxx/CVE-2014-0971.json | 34 +- 2014/1xxx/CVE-2014-1777.json | 140 ++++---- 2014/1xxx/CVE-2014-1873.json | 34 +- 2014/1xxx/CVE-2014-1875.json | 240 ++++++------- 2014/4xxx/CVE-2014-4212.json | 180 +++++----- 2014/4xxx/CVE-2014-4255.json | 170 ++++----- 2014/4xxx/CVE-2014-4736.json | 150 ++++---- 2014/4xxx/CVE-2014-4823.json | 170 ++++----- 2014/9xxx/CVE-2014-9129.json | 150 ++++---- 2014/9xxx/CVE-2014-9553.json | 34 +- 2014/9xxx/CVE-2014-9604.json | 140 ++++---- 2014/9xxx/CVE-2014-9970.json | 220 ++++++------ 2016/3xxx/CVE-2016-3202.json | 150 ++++---- 2016/3xxx/CVE-2016-3569.json | 150 ++++---- 2016/3xxx/CVE-2016-3619.json | 160 ++++----- 2016/3xxx/CVE-2016-3842.json | 130 +++---- 2016/3xxx/CVE-2016-3960.json | 200 +++++------ 2016/6xxx/CVE-2016-6021.json | 162 ++++----- 2016/6xxx/CVE-2016-6283.json | 160 ++++----- 2016/7xxx/CVE-2016-7254.json | 140 ++++---- 2016/7xxx/CVE-2016-7357.json | 34 +- 2016/7xxx/CVE-2016-7682.json | 34 +- 2016/7xxx/CVE-2016-7756.json | 34 +- 2016/7xxx/CVE-2016-7811.json | 140 ++++---- 2016/8xxx/CVE-2016-8221.json | 130 +++---- 2016/8xxx/CVE-2016-8266.json | 34 +- 2016/8xxx/CVE-2016-8452.json | 136 +++---- 2016/8xxx/CVE-2016-8623.json | 242 ++++++------- 2016/8xxx/CVE-2016-8854.json | 34 +- 2016/9xxx/CVE-2016-9596.json | 120 +++---- 2016/9xxx/CVE-2016-9616.json | 34 +- 57 files changed, 4717 insertions(+), 4717 deletions(-) diff --git a/2006/1xxx/CVE-2006-1580.json b/2006/1xxx/CVE-2006-1580.json index d4255d74f82..922647c7593 100644 --- a/2006/1xxx/CVE-2006-1580.json +++ b/2006/1xxx/CVE-2006-1580.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html" - }, - { - "name" : "17351", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17351" - }, - { - "name" : "ADV-2006-1195", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1195" - }, - { - "name" : "24328", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24328" - }, - { - "name" : "24329", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24329" - }, - { - "name" : "19492", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19492" - }, - { - "name" : "bugzero-query-edit-xss(25601)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25601" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17351", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17351" + }, + { + "name": "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html", + "refsource": "MISC", + "url": "http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html" + }, + { + "name": "bugzero-query-edit-xss(25601)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25601" + }, + { + "name": "ADV-2006-1195", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1195" + }, + { + "name": "19492", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19492" + }, + { + "name": "24328", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24328" + }, + { + "name": "24329", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24329" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1731.json b/2006/1xxx/CVE-2006-1731.json index 31a511da1ba..66dd2f856c0 100644 --- a/2006/1xxx/CVE-2006-1731.json +++ b/2006/1xxx/CVE-2006-1731.json @@ -1,337 +1,337 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1731", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-1731", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" - }, - { - "name" : "DSA-1044", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1044" - }, - { - "name" : "DSA-1046", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1046" - }, - { - "name" : "DSA-1051", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1051" - }, - { - "name" : "FEDORA-2006-410", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" - }, - { - "name" : "FEDORA-2006-411", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" - }, - { - "name" : "FLSA:189137-1", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/436296/100/0/threaded" - }, - { - "name" : "FLSA:189137-2", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/436338/100/0/threaded" - }, - { - "name" : "GLSA-200604-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" - }, - { - "name" : "GLSA-200604-18", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" - }, - { - "name" : "GLSA-200605-09", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" - }, - { - "name" : "HPSBUX02122", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded" - }, - { - "name" : "SSRT061158", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/438730/100/0/threaded" - }, - { - "name" : "MDKSA-2006:075", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" - }, - { - "name" : "MDKSA-2006:076", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" - }, - { - "name" : "MDKSA-2006:078", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" - }, - { - "name" : "RHSA-2006:0328", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0328.html" - }, - { - "name" : "RHSA-2006:0329", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0329.html" - }, - { - "name" : "RHSA-2006:0330", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0330.html" - }, - { - "name" : "SCOSA-2006.26", - "refsource" : "SCO", - "url" : "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" - }, - { - "name" : "20060404-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" - }, - { - "name" : "102550", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" - }, - { - "name" : "228526", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" - }, - { - "name" : "SUSE-SA:2006:022", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_04_25.html" - }, - { - "name" : "SUSE-SA:2006:021", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" - }, - { - "name" : "USN-275-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/275-1/" - }, - { - "name" : "USN-276-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/276-1/" - }, - { - "name" : "USN-271-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/271-1/" - }, - { - "name" : "17516", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17516" - }, - { - "name" : "oval:org.mitre.oval:def:9604", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9604" - }, - { - "name" : "ADV-2006-1356", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1356" - }, - { - "name" : "ADV-2006-3391", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3391" - }, - { - "name" : "oval:org.mitre.oval:def:1955", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1955" - }, - { - "name" : "19631", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19631" - }, - { - "name" : "19759", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19759" - }, - { - "name" : "19794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19794" - }, - { - "name" : "19821", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19821" - }, - { - "name" : "19811", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19811" - }, - { - "name" : "19823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19823" - }, - { - "name" : "19852", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19852" - }, - { - "name" : "19862", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19862" - }, - { - "name" : "19863", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19863" - }, - { - "name" : "19902", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19902" - }, - { - "name" : "19950", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19950" - }, - { - "name" : "19941", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19941" - }, - { - "name" : "19714", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19714" - }, - { - "name" : "19721", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19721" - }, - { - "name" : "19746", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19746" - }, - { - "name" : "21033", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21033" - }, - { - "name" : "21622", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21622" - }, - { - "name" : "19696", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19696" - }, - { - "name" : "19729", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19729" - }, - { - "name" : "19780", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19780" - }, - { - "name" : "20051", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20051" - }, - { - "name" : "mozilla-valueof-xss(25820)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25820" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are called without any arguments, which allows remote attackers to conduct cross-site scripting (XSS) attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-275-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/275-1/" + }, + { + "name": "RHSA-2006:0330", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0330.html" + }, + { + "name": "19902", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19902" + }, + { + "name": "20060404-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060404-01-U.asc" + }, + { + "name": "USN-276-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/276-1/" + }, + { + "name": "HPSBUX02122", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" + }, + { + "name": "19941", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19941" + }, + { + "name": "19780", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19780" + }, + { + "name": "RHSA-2006:0328", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0328.html" + }, + { + "name": "19821", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19821" + }, + { + "name": "GLSA-200604-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml" + }, + { + "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-19.html" + }, + { + "name": "21622", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21622" + }, + { + "name": "19862", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19862" + }, + { + "name": "MDKSA-2006:075", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:075" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm" + }, + { + "name": "19823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19823" + }, + { + "name": "DSA-1051", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1051" + }, + { + "name": "FEDORA-2006-410", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html" + }, + { + "name": "USN-271-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/271-1/" + }, + { + "name": "oval:org.mitre.oval:def:1955", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1955" + }, + { + "name": "19714", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19714" + }, + { + "name": "RHSA-2006:0329", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0329.html" + }, + { + "name": "GLSA-200604-18", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml" + }, + { + "name": "19811", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19811" + }, + { + "name": "19794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19794" + }, + { + "name": "19746", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19746" + }, + { + "name": "21033", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21033" + }, + { + "name": "102550", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1" + }, + { + "name": "19696", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19696" + }, + { + "name": "19759", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19759" + }, + { + "name": "SUSE-SA:2006:021", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html" + }, + { + "name": "FLSA:189137-2", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/436338/100/0/threaded" + }, + { + "name": "ADV-2006-1356", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1356" + }, + { + "name": "oval:org.mitre.oval:def:9604", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9604" + }, + { + "name": "SSRT061158", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded" + }, + { + "name": "mozilla-valueof-xss(25820)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25820" + }, + { + "name": "MDKSA-2006:078", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:078" + }, + { + "name": "19729", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19729" + }, + { + "name": "20051", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20051" + }, + { + "name": "19863", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19863" + }, + { + "name": "SCOSA-2006.26", + "refsource": "SCO", + "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt" + }, + { + "name": "FLSA:189137-1", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/436296/100/0/threaded" + }, + { + "name": "17516", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17516" + }, + { + "name": "228526", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1" + }, + { + "name": "FEDORA-2006-411", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html" + }, + { + "name": "19852", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19852" + }, + { + "name": "19721", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19721" + }, + { + "name": "SUSE-SA:2006:022", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_04_25.html" + }, + { + "name": "GLSA-200605-09", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml" + }, + { + "name": "ADV-2006-3391", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3391" + }, + { + "name": "19631", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19631" + }, + { + "name": "19950", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19950" + }, + { + "name": "MDKSA-2006:076", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:076" + }, + { + "name": "DSA-1046", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1046" + }, + { + "name": "DSA-1044", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1044" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5074.json b/2006/5xxx/CVE-2006-5074.json index bb13c8e541c..f3b758b1158 100644 --- a/2006/5xxx/CVE-2006-5074.json +++ b/2006/5xxx/CVE-2006-5074.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5074", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2.2 allows remote attackers to inject arbitrary web script or HTML via the alert parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5074", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060926 PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447015/100/0/threaded" - }, - { - "name" : "20221", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20221" - }, - { - "name" : "ADV-2006-3795", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3795" - }, - { - "name" : "22123", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22123" - }, - { - "name" : "1652", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1652" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in home.php in PHP Invoice 2.2 allows remote attackers to inject arbitrary web script or HTML via the alert parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-3795", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3795" + }, + { + "name": "20221", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20221" + }, + { + "name": "20060926 PHP Invoice 2.2 (Billing and client Management) home.php Xss vuln.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447015/100/0/threaded" + }, + { + "name": "22123", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22123" + }, + { + "name": "1652", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1652" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5247.json b/2006/5xxx/CVE-2006-5247.json index 75030a4424c..6be1daa0296 100644 --- a/2006/5xxx/CVE-2006-5247.json +++ b/2006/5xxx/CVE-2006-5247.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5247", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the (1) des and (2) qty parameters in an add action, and via other unspecified vectors. NOTE: some details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5247", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061010 MHL-2006-001 Public Advisory: \"Eazy Cart\" Multiple Security Issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/448094/100/0/threaded" - }, - { - "name" : "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt", - "refsource" : "MISC", - "url" : "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt" - }, - { - "name" : "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001", - "refsource" : "MISC", - "url" : "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001" - }, - { - "name" : "1017041", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017041" - }, - { - "name" : "22286", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22286" - }, - { - "name" : "1717", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1717" - }, - { - "name" : "eazycart-easycart-xss(29421)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29421" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Eazy Cart allow remote attackers to inject arbitrary web script or HTML via easycart.php, possibly related to the (1) des and (2) qty parameters in an add action, and via other unspecified vectors. NOTE: some details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1717", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1717" + }, + { + "name": "eazycart-easycart-xss(29421)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29421" + }, + { + "name": "20061010 MHL-2006-001 Public Advisory: \"Eazy Cart\" Multiple Security Issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/448094/100/0/threaded" + }, + { + "name": "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001", + "refsource": "MISC", + "url": "http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001" + }, + { + "name": "1017041", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017041" + }, + { + "name": "22286", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22286" + }, + { + "name": "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt", + "refsource": "MISC", + "url": "http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5698.json b/2006/5xxx/CVE-2006-5698.json index 331cb05acb8..76b9444e5ac 100644 --- a/2006/5xxx/CVE-2006-5698.json +++ b/2006/5xxx/CVE-2006-5698.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5698", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-5698", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5862.json b/2006/5xxx/CVE-2006-5862.json index bdff0004af5..5bdf3bd063e 100644 --- a/2006/5xxx/CVE-2006-5862.json +++ b/2006/5xxx/CVE-2006-5862.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5862", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized (NAV) before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5862", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=461986", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=461986" - }, - { - "name" : "20995", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20995" - }, - { - "name" : "ADV-2006-4447", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4447" - }, - { - "name" : "22766", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22766" - }, - { - "name" : "nav-web-interface-code-execution(30174)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30174" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the session mechanism of the web interface for Network Administration Visualized (NAV) before 3.1.1 allows attackers with filesystem write access to have an unknown impact via unknown attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4447", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4447" + }, + { + "name": "22766", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22766" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=461986", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=461986" + }, + { + "name": "nav-web-interface-code-execution(30174)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30174" + }, + { + "name": "20995", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20995" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2022.json b/2007/2xxx/CVE-2007-2022.json index 95d42e75485..3d32b292a19 100644 --- a/2007/2xxx/CVE-2007-2022.json +++ b/2007/2xxx/CVE-2007-2022.json @@ -1,222 +1,222 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/advisories/apsa07-03.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/advisories/apsa07-03.html" - }, - { - "name" : "http://www.opera.com/support/search/view/858/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/support/search/view/858/" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1462", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1462" - }, - { - "name" : "GLSA-200708-01", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml" - }, - { - "name" : "MDKSA-2007:138", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:138" - }, - { - "name" : "RHSA-2007:0494", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0494.html" - }, - { - "name" : "20070602-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" - }, - { - "name" : "103167", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1" - }, - { - "name" : "201506", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1" - }, - { - "name" : "SUSE-SA:2007:028", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_28_opera.html" - }, - { - "name" : "SUSE-SR:2007:012", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_12_sr.html" - }, - { - "name" : "SUSE-SA:2007:046", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html" - }, - { - "name" : "TA07-192A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-192A.html" - }, - { - "name" : "23437", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23437" - }, - { - "name" : "oval:org.mitre.oval:def:9332", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332" - }, - { - "name" : "ADV-2007-1361", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1361" - }, - { - "name" : "ADV-2007-2497", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2497" - }, - { - "name" : "ADV-2007-4190", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4190" - }, - { - "name" : "1017903", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017903" - }, - { - "name" : "24877", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24877" - }, - { - "name" : "25027", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25027" - }, - { - "name" : "25432", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25432" - }, - { - "name" : "25662", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25662" - }, - { - "name" : "25669", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25669" - }, - { - "name" : "25894", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25894" - }, - { - "name" : "25933", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25933" - }, - { - "name" : "26027", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26027" - }, - { - "name" : "26118", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26118" - }, - { - "name" : "26357", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26357" - }, - { - "name" : "26860", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26860" - }, - { - "name" : "28068", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28068" - }, - { - "name" : "opera-flash-player-unspecified(33595)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33595" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28068", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28068" + }, + { + "name": "opera-flash-player-unspecified(33595)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33595" + }, + { + "name": "25894", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25894" + }, + { + "name": "26357", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26357" + }, + { + "name": "SUSE-SA:2007:046", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html" + }, + { + "name": "26860", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26860" + }, + { + "name": "201506", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1" + }, + { + "name": "25669", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25669" + }, + { + "name": "ADV-2007-4190", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4190" + }, + { + "name": "MDKSA-2007:138", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:138" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1462", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1462" + }, + { + "name": "23437", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23437" + }, + { + "name": "GLSA-200708-01", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml" + }, + { + "name": "24877", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24877" + }, + { + "name": "26027", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26027" + }, + { + "name": "SUSE-SR:2007:012", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_12_sr.html" + }, + { + "name": "RHSA-2007:0494", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0494.html" + }, + { + "name": "TA07-192A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-192A.html" + }, + { + "name": "oval:org.mitre.oval:def:9332", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9332" + }, + { + "name": "ADV-2007-1361", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1361" + }, + { + "name": "26118", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26118" + }, + { + "name": "http://www.adobe.com/support/security/advisories/apsa07-03.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/advisories/apsa07-03.html" + }, + { + "name": "25027", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25027" + }, + { + "name": "SUSE-SA:2007:028", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_28_opera.html" + }, + { + "name": "http://www.opera.com/support/search/view/858/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/support/search/view/858/" + }, + { + "name": "25933", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25933" + }, + { + "name": "ADV-2007-2497", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2497" + }, + { + "name": "103167", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1" + }, + { + "name": "1017903", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017903" + }, + { + "name": "20070602-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" + }, + { + "name": "25662", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25662" + }, + { + "name": "25432", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25432" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb07-12.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb07-12.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2232.json b/2007/2xxx/CVE-2007-2232.json index 20f6f982947..70c5f5281bc 100644 --- a/2007/2xxx/CVE-2007-2232.json +++ b/2007/2xxx/CVE-2007-2232.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2232", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CHECK command in Cosign 2.0.1 and earlier allows remote attackers to bypass authentication requirements via CR (\\r) sequences in the cosign cookie parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2232", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070411 Cosign SSO Authentication Bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465386/100/100/threaded" - }, - { - "name" : "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt", - "refsource" : "CONFIRM", - "url" : "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt" - }, - { - "name" : "ADV-2007-1359", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1359" - }, - { - "name" : "24845", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24845" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CHECK command in Cosign 2.0.1 and earlier allows remote attackers to bypass authentication requirements via CR (\\r) sequences in the cosign cookie parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070411 Cosign SSO Authentication Bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465386/100/100/threaded" + }, + { + "name": "24845", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24845" + }, + { + "name": "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt", + "refsource": "CONFIRM", + "url": "http://www.umich.edu/~umweb/software/cosign/cosign-vuln-2007-001.txt" + }, + { + "name": "ADV-2007-1359", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1359" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2384.json b/2007/2xxx/CVE-2007-2384.json index 723d01d6f7e..bcb4b1d236a 100644 --- a/2007/2xxx/CVE-2007-2384.json +++ b/2007/2xxx/CVE-2007-2384.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2384", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Script.aculo.us framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2384", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf", - "refsource" : "MISC", - "url" : "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf" - }, - { - "name" : "43319", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43319" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Script.aculo.us framework exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other JavaScript code, aka \"JavaScript Hijacking.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf", + "refsource": "MISC", + "url": "http://www.fortifysoftware.com/servlet/downloads/public/JavaScript_Hijacking.pdf" + }, + { + "name": "43319", + "refsource": "OSVDB", + "url": "http://osvdb.org/43319" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2631.json b/2007/2xxx/CVE-2007-2631.json index f55e1011061..7647093db6f 100644 --- a/2007/2xxx/CVE-2007-2631.json +++ b/2007/2xxx/CVE-2007-2631.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and earlier allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors. NOTE: this issue might overlap CVE-2007-2589 or CVE-2002-1648." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070510 Re: squirrelmail CSRF vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468253/100/0/threaded" - }, - { - "name" : "20070510 squirrelmail CSRF vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/468220/100/0/threaded" - }, - { - "name" : "35890", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and earlier allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors. NOTE: this issue might overlap CVE-2007-2589 or CVE-2002-1648." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070510 Re: squirrelmail CSRF vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468253/100/0/threaded" + }, + { + "name": "20070510 squirrelmail CSRF vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/468220/100/0/threaded" + }, + { + "name": "35890", + "refsource": "OSVDB", + "url": "http://osvdb.org/35890" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2709.json b/2007/2xxx/CVE-2007-2709.json index 95cfb4731dd..10133ce9d65 100644 --- a/2007/2xxx/CVE-2007-2709.json +++ b/2007/2xxx/CVE-2007-2709.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2709", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2709", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3919", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3919" - }, - { - "name" : "23966", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23966" - }, - { - "name" : "36054", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36054" - }, - { - "name" : "ADV-2007-1800", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1800" - }, - { - "name" : "25274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25274" - }, - { - "name" : "nagiosql-prependadm-file-include(34268)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in functions/prepend_adm.php in NagiosQL 2005 2.00 allows remote attackers to execute arbitrary PHP code via a URL in the SETS[path][physical] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36054", + "refsource": "OSVDB", + "url": "http://osvdb.org/36054" + }, + { + "name": "nagiosql-prependadm-file-include(34268)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34268" + }, + { + "name": "25274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25274" + }, + { + "name": "ADV-2007-1800", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1800" + }, + { + "name": "23966", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23966" + }, + { + "name": "3919", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3919" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6575.json b/2007/6xxx/CVE-2007-6575.json index 3510651a441..230027f4a57 100644 --- a/2007/6xxx/CVE-2007-6575.json +++ b/2007/6xxx/CVE-2007-6575.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6575", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6575", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4776", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4776" - }, - { - "name" : "26995", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26995" - }, - { - "name" : "39761", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39761" - }, - { - "name" : "mmslamp-default-sql-injection(39220)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39220" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in default.php in MMSLamp allows remote attackers to execute arbitrary SQL commands via the idpro parameter in a prodotti_dettaglio action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mmslamp-default-sql-injection(39220)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39220" + }, + { + "name": "39761", + "refsource": "OSVDB", + "url": "http://osvdb.org/39761" + }, + { + "name": "26995", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26995" + }, + { + "name": "4776", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4776" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0633.json b/2010/0xxx/CVE-2010-0633.json index 6c02fc886f7..83be027f22c 100644 --- a/2010/0xxx/CVE-2010-0633.json +++ b/2010/0xxx/CVE-2010-0633.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0633", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0633", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.citrix.com/article/CTX123193", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX123193" - }, - { - "name" : "http://support.citrix.com/article/CTX123456", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX123456" - }, - { - "name" : "http://support.citrix.com/article/CTX123460", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX123460" - }, - { - "name" : "38052", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38052" - }, - { - "name" : "1023530", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023530" - }, - { - "name" : "38431", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38431" - }, - { - "name" : "ADV-2010-0290", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0290" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.citrix.com/article/CTX123456", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX123456" + }, + { + "name": "http://support.citrix.com/article/CTX123193", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX123193" + }, + { + "name": "http://support.citrix.com/article/CTX123460", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX123460" + }, + { + "name": "38431", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38431" + }, + { + "name": "ADV-2010-0290", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0290" + }, + { + "name": "1023530", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023530" + }, + { + "name": "38052", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38052" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1010.json b/2010/1xxx/CVE-2010-1010.json index 3bf6646c21a..f55b90b758f 100644 --- a/2010/1xxx/CVE-2010-1010.json +++ b/2010/1xxx/CVE-2010-1010.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1010", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1010", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" - }, - { - "name" : "38792", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38792" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" + }, + { + "name": "38792", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38792" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1089.json b/2010/1xxx/CVE-2010-1089.json index ed4488a4d06..00d4631baf6 100644 --- a/2010/1xxx/CVE-2010-1089.json +++ b/2010/1xxx/CVE-2010-1089.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1089", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1089", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt" - }, - { - "name" : "38763", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38763" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1003-exploits/phptroubleticket-sql.txt" + }, + { + "name": "38763", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38763" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1202.json b/2010/1xxx/CVE-2010-1202.json index c22e3c9bf85..3ed66752221 100644 --- a/2010/1xxx/CVE-2010-1202.json +++ b/2010/1xxx/CVE-2010-1202.json @@ -1,207 +1,207 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=424558", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=424558" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=526449", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=526449" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561031", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561031" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561592", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=561592" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100091069", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100091069" - }, - { - "name" : "FEDORA-2010-10344", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html" - }, - { - "name" : "FEDORA-2010-10361", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html" - }, - { - "name" : "MDVSA-2010:125", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:125" - }, - { - "name" : "RHSA-2010:0500", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0500.html" - }, - { - "name" : "RHSA-2010:0501", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0501.html" - }, - { - "name" : "SUSE-SA:2010:030", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html" - }, - { - "name" : "USN-930-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-930-1" - }, - { - "name" : "USN-930-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-930-2" - }, - { - "name" : "41050", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/41050" - }, - { - "name" : "41094", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/41094" - }, - { - "name" : "oval:org.mitre.oval:def:10889", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10889" - }, - { - "name" : "oval:org.mitre.oval:def:14308", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14308" - }, - { - "name" : "1024138", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024138" - }, - { - "name" : "1024139", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024139" - }, - { - "name" : "40323", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40323" - }, - { - "name" : "40326", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40326" - }, - { - "name" : "40401", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40401" - }, - { - "name" : "40481", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40481" - }, - { - "name" : "ADV-2010-1551", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1551" - }, - { - "name" : "ADV-2010-1557", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1557" - }, - { - "name" : "ADV-2010-1640", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1640" - }, - { - "name" : "ADV-2010-1773", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1773" - }, - { - "name" : "ADV-2010-1592", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1592" - }, - { - "name" : "firefox-javascript-ce(59661)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40481", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40481" + }, + { + "name": "USN-930-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-930-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=561031", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=561031" + }, + { + "name": "FEDORA-2010-10361", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043405.html" + }, + { + "name": "1024138", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024138" + }, + { + "name": "ADV-2010-1640", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1640" + }, + { + "name": "41050", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/41050" + }, + { + "name": "RHSA-2010:0501", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0501.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=526449", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=526449" + }, + { + "name": "ADV-2010-1557", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1557" + }, + { + "name": "MDVSA-2010:125", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:125" + }, + { + "name": "ADV-2010-1773", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1773" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=424558", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=424558" + }, + { + "name": "firefox-javascript-ce(59661)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59661" + }, + { + "name": "ADV-2010-1592", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1592" + }, + { + "name": "oval:org.mitre.oval:def:10889", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10889" + }, + { + "name": "USN-930-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-930-2" + }, + { + "name": "ADV-2010-1551", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1551" + }, + { + "name": "RHSA-2010:0500", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0500.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=561592", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=561592" + }, + { + "name": "SUSE-SA:2010:030", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00005.html" + }, + { + "name": "40323", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40323" + }, + { + "name": "41094", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/41094" + }, + { + "name": "40401", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40401" + }, + { + "name": "oval:org.mitre.oval:def:14308", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14308" + }, + { + "name": "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-26.html" + }, + { + "name": "FEDORA-2010-10344", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043369.html" + }, + { + "name": "40326", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40326" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100091069", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100091069" + }, + { + "name": "1024139", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024139" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1348.json b/2010/1xxx/CVE-2010-1348.json index 0425620f169..9b67bdad0e0 100644 --- a/2010/1xxx/CVE-2010-1348.json +++ b/2010/1xxx/CVE-2010-1348.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "PM08667", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667" - }, - { - "name" : "39306", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39306" - }, - { - "name" : "63594", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/63594" - }, - { - "name" : "1023830", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023830" - }, - { - "name" : "39305", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39305" - }, - { - "name" : "ADV-2010-0829", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0829" - }, - { - "name" : "websphere-login-unspecified(57613)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57613" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6.1.0.3 Cumulative Fix 03, has unknown impact and remote attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "63594", + "refsource": "OSVDB", + "url": "http://osvdb.org/63594" + }, + { + "name": "39306", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39306" + }, + { + "name": "39305", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39305" + }, + { + "name": "ADV-2010-0829", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0829" + }, + { + "name": "1023830", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023830" + }, + { + "name": "PM08667", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM08667" + }, + { + "name": "websphere-login-unspecified(57613)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57613" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1394.json b/2010/1xxx/CVE-2010-1394.json index 23dc28ee303..0942c107eaa 100644 --- a/2010/1xxx/CVE-2010-1394.json +++ b/2010/1xxx/CVE-2010-1394.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1394", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-1394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4196", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4196" - }, - { - "name" : "http://support.apple.com/kb/HT4225", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4225" - }, - { - "name" : "http://support.apple.com/kb/HT4456", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4456" - }, - { - "name" : "APPLE-SA-2010-06-07-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" - }, - { - "name" : "APPLE-SA-2010-06-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" - }, - { - "name" : "APPLE-SA-2010-11-22-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" - }, - { - "name" : "MDVSA-2011:039", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" - }, - { - "name" : "SUSE-SR:2011:002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" - }, - { - "name" : "USN-1006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1006-1" - }, - { - "name" : "40620", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40620" - }, - { - "name" : "oval:org.mitre.oval:def:7552", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7552" - }, - { - "name" : "1024067", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1024067" - }, - { - "name" : "40105", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40105" - }, - { - "name" : "41856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41856" - }, - { - "name" : "42314", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42314" - }, - { - "name" : "43068", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43068" - }, - { - "name" : "ADV-2010-1373", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1373" - }, - { - "name" : "ADV-2010-2722", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2722" - }, - { - "name" : "ADV-2011-0212", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0212" - }, - { - "name" : "ADV-2011-0552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to inject arbitrary web script or HTML via vectors involving HTML document fragments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:039", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" + }, + { + "name": "ADV-2010-2722", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2722" + }, + { + "name": "43068", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43068" + }, + { + "name": "USN-1006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1006-1" + }, + { + "name": "41856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41856" + }, + { + "name": "ADV-2011-0212", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0212" + }, + { + "name": "http://support.apple.com/kb/HT4225", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4225" + }, + { + "name": "APPLE-SA-2010-06-07-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" + }, + { + "name": "40105", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40105" + }, + { + "name": "ADV-2010-1373", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1373" + }, + { + "name": "SUSE-SR:2011:002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html" + }, + { + "name": "oval:org.mitre.oval:def:7552", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7552" + }, + { + "name": "42314", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42314" + }, + { + "name": "40620", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40620" + }, + { + "name": "ADV-2011-0552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0552" + }, + { + "name": "http://support.apple.com/kb/HT4456", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4456" + }, + { + "name": "1024067", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1024067" + }, + { + "name": "http://support.apple.com/kb/HT4196", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4196" + }, + { + "name": "APPLE-SA-2010-06-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" + }, + { + "name": "APPLE-SA-2010-11-22-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1665.json b/2010/1xxx/CVE-2010-1665.json index b00d2a91278..700da872e64 100644 --- a/2010/1xxx/CVE-2010-1665.json +++ b/2010/1xxx/CVE-2010-1665.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1665", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1665", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=42294", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=42294" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html" - }, - { - "name" : "MDVSA-2011:039", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" - }, - { - "name" : "USN-1006-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1006-1" - }, - { - "name" : "oval:org.mitre.oval:def:7034", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7034" - }, - { - "name" : "39651", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39651" - }, - { - "name" : "41856", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41856" - }, - { - "name" : "ADV-2010-1016", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1016" - }, - { - "name" : "ADV-2010-2722", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2722" - }, - { - "name" : "ADV-2011-0552", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2011:039", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:039" + }, + { + "name": "ADV-2010-2722", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2722" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=42294", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=42294" + }, + { + "name": "USN-1006-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1006-1" + }, + { + "name": "41856", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41856" + }, + { + "name": "39651", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39651" + }, + { + "name": "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/04/stable-update-bug-and-security-fixes.html" + }, + { + "name": "ADV-2010-1016", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1016" + }, + { + "name": "oval:org.mitre.oval:def:7034", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7034" + }, + { + "name": "ADV-2011-0552", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0552" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4180.json b/2010/4xxx/CVE-2010-4180.json index 9f45e6d0d25..a67c49fe948 100644 --- a/2010/4xxx/CVE-2010-4180.json +++ b/2010/4xxx/CVE-2010-4180.json @@ -1,332 +1,332 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cvs.openssl.org/chngview?cn=20131", - "refsource" : "CONFIRM", - "url" : "http://cvs.openssl.org/chngview?cn=20131" - }, - { - "name" : "http://openssl.org/news/secadv_20101202.txt", - "refsource" : "CONFIRM", - "url" : "http://openssl.org/news/secadv_20101202.txt" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=659462", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=659462" - }, - { - "name" : "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", - "refsource" : "CONFIRM", - "url" : "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST" - }, - { - "name" : "http://support.apple.com/kb/HT4723", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4723" - }, - { - "name" : "APPLE-SA-2011-06-23-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" - }, - { - "name" : "DSA-2141", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2141" - }, - { - "name" : "FEDORA-2010-18765", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html" - }, - { - "name" : "FEDORA-2010-18736", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html" - }, - { - "name" : "HPSBMA02658", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777" - }, - { - "name" : "SSRT100413", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777" - }, - { - "name" : "HPSBHF02706", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=132077688910227&w=2" - }, - { - "name" : "SSRT100613", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=132077688910227&w=2" - }, - { - "name" : "HPSBMU02759", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/522176" - }, - { - "name" : "SSRT100817", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/522176" - }, - { - "name" : "HPSBOV02670", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130497251507577&w=2" - }, - { - "name" : "HPSBUX02638", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=129916880600544&w=2" - }, - { - "name" : "SSRT100339", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=129916880600544&w=2" - }, - { - "name" : "SSRT100475", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130497251507577&w=2" - }, - { - "name" : "MDVSA-2010:248", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248" - }, - { - "name" : "RHSA-2010:0979", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0979.html" - }, - { - "name" : "RHSA-2010:0977", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0977.html" - }, - { - "name" : "RHSA-2010:0978", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0978.html" - }, - { - "name" : "RHSA-2011:0896", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0896.html" - }, - { - "name" : "SSA:2010-340-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471" - }, - { - "name" : "SUSE-SR:2011:001", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html" - }, - { - "name" : "SUSE-SU-2011:0847", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html" - }, - { - "name" : "openSUSE-SU-2011:0845", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html" - }, - { - "name" : "SUSE-SR:2011:009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" - }, - { - "name" : "USN-1029-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-1029-1" - }, - { - "name" : "VU#737740", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/737740" - }, - { - "name" : "45164", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45164" - }, - { - "name" : "69565", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/69565" - }, - { - "name" : "oval:org.mitre.oval:def:18910", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910" - }, - { - "name" : "1024822", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024822" - }, - { - "name" : "42473", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42473" - }, - { - "name" : "42469", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42469" - }, - { - "name" : "42493", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42493" - }, - { - "name" : "42571", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42571" - }, - { - "name" : "42620", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42620" - }, - { - "name" : "42811", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42811" - }, - { - "name" : "42877", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42877" - }, - { - "name" : "43169", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43169" - }, - { - "name" : "43170", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43170" - }, - { - "name" : "43171", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43171" - }, - { - "name" : "43172", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43172" - }, - { - "name" : "43173", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43173" - }, - { - "name" : "44269", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44269" - }, - { - "name" : "ADV-2010-3120", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3120" - }, - { - "name" : "ADV-2010-3122", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3122" - }, - { - "name" : "ADV-2010-3134", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3134" - }, - { - "name" : "ADV-2010-3188", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3188" - }, - { - "name" : "ADV-2011-0032", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0032" - }, - { - "name" : "ADV-2011-0076", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0076" - }, - { - "name" : "ADV-2011-0268", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SR:2011:001", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html" + }, + { + "name": "1024822", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024822" + }, + { + "name": "42473", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42473" + }, + { + "name": "42571", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42571" + }, + { + "name": "43170", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43170" + }, + { + "name": "SSA:2010-340-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471" + }, + { + "name": "ADV-2011-0268", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0268" + }, + { + "name": "SUSE-SR:2011:009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" + }, + { + "name": "http://support.apple.com/kb/HT4723", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4723" + }, + { + "name": "SUSE-SU-2011:0847", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html" + }, + { + "name": "42493", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42493" + }, + { + "name": "43173", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43173" + }, + { + "name": "FEDORA-2010-18765", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html" + }, + { + "name": "ADV-2011-0032", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0032" + }, + { + "name": "openSUSE-SU-2011:0845", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html" + }, + { + "name": "43171", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43171" + }, + { + "name": "42620", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42620" + }, + { + "name": "SSRT100817", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/522176" + }, + { + "name": "APPLE-SA-2011-06-23-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html" + }, + { + "name": "USN-1029-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-1029-1" + }, + { + "name": "ADV-2010-3120", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3120" + }, + { + "name": "FEDORA-2010-18736", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html" + }, + { + "name": "ADV-2010-3122", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3122" + }, + { + "name": "43169", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43169" + }, + { + "name": "43172", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43172" + }, + { + "name": "HPSBHF02706", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2" + }, + { + "name": "45164", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45164" + }, + { + "name": "69565", + "refsource": "OSVDB", + "url": "http://osvdb.org/69565" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=659462", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=659462" + }, + { + "name": "VU#737740", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/737740" + }, + { + "name": "42469", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42469" + }, + { + "name": "HPSBMU02759", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/522176" + }, + { + "name": "SSRT100475", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2" + }, + { + "name": "42877", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42877" + }, + { + "name": "http://cvs.openssl.org/chngview?cn=20131", + "refsource": "CONFIRM", + "url": "http://cvs.openssl.org/chngview?cn=20131" + }, + { + "name": "RHSA-2010:0977", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html" + }, + { + "name": "HPSBMA02658", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777" + }, + { + "name": "SSRT100413", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777" + }, + { + "name": "ADV-2010-3134", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3134" + }, + { + "name": "ADV-2010-3188", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3188" + }, + { + "name": "oval:org.mitre.oval:def:18910", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910" + }, + { + "name": "HPSBUX02638", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2" + }, + { + "name": "ADV-2011-0076", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0076" + }, + { + "name": "http://openssl.org/news/secadv_20101202.txt", + "refsource": "CONFIRM", + "url": "http://openssl.org/news/secadv_20101202.txt" + }, + { + "name": "RHSA-2010:0978", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0978.html" + }, + { + "name": "44269", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44269" + }, + { + "name": "RHSA-2011:0896", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html" + }, + { + "name": "DSA-2141", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2141" + }, + { + "name": "HPSBOV02670", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130497251507577&w=2" + }, + { + "name": "SSRT100613", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=132077688910227&w=2" + }, + { + "name": "SSRT100339", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=129916880600544&w=2" + }, + { + "name": "MDVSA-2010:248", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248" + }, + { + "name": "RHSA-2010:0979", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0979.html" + }, + { + "name": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST", + "refsource": "CONFIRM", + "url": "https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST" + }, + { + "name": "42811", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42811" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4660.json b/2010/4xxx/CVE-2010-4660.json index f9d9613d903..d97c6af5511 100644 --- a/2010/4xxx/CVE-2010-4660.json +++ b/2010/4xxx/CVE-2010-4660.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4660", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4660", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4807.json b/2010/4xxx/CVE-2010-4807.json index bbe9e3126cb..1ed3d8eca44 100644 --- a/2010/4xxx/CVE-2010-4807.json +++ b/2010/4xxx/CVE-2010-4807.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4807", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated users to cause a denial of service (infinite recursive query) via unspecified vectors, related to a StackOverflowError exception." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4807", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg24029452", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg24029452" - }, - { - "name" : "PM36141", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM36141" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated users to cause a denial of service (infinite recursive query) via unspecified vectors, related to a StackOverflowError exception." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg24029452", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg24029452" + }, + { + "name": "PM36141", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM36141" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4814.json b/2010/4xxx/CVE-2010-4814.json index 01205b28507..df489711220 100644 --- a/2010/4xxx/CVE-2010-4814.json +++ b/2010/4xxx/CVE-2010-4814.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4814", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4814", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15531", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15531" - }, - { - "name" : "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt" - }, - { - "name" : "44854", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44854" - }, - { - "name" : "ahbs-index1-sql-injection(63268)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/63268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 allows remote attackers to execute arbitrary SQL commands via the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44854", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44854" + }, + { + "name": "15531", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15531" + }, + { + "name": "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/files/view/95829/phpbsiahbs-sql.txt" + }, + { + "name": "ahbs-index1-sql-injection(63268)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63268" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5225.json b/2010/5xxx/CVE-2010-5225.json index 05b8664b2a7..01f51217209 100644 --- a/2010/5xxx/CVE-2010-5225.json +++ b/2010/5xxx/CVE-2010-5225.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local users to gain privileges via a Trojan horse BESExtension.dll file in the current working directory, as demonstrated by a directory that contains a .bgl file. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/", - "refsource" : "MISC", - "url" : "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/" - }, - { - "name" : "42489", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42489" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Babylon 8.1.0 r16 allows local users to gain privileges via a Trojan horse BESExtension.dll file in the current working directory, as demonstrated by a directory that contains a .bgl file. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42489", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42489" + }, + { + "name": "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/", + "refsource": "MISC", + "url": "http://xlocux.wordpress.com/2010/11/22/babylon-pro-8-xx-dll-hijacking/" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0546.json b/2014/0xxx/CVE-2014-0546.json index dfe31755c6c..74ca1a418f9 100644 --- a/2014/0xxx/CVE-2014-0546.json +++ b/2014/0xxx/CVE-2014-0546.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0546", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0546", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/reader/apsb14-19.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/reader/apsb14-19.html" - }, - { - "name" : "1030711", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://helpx.adobe.com/security/products/reader/apsb14-19.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/reader/apsb14-19.html" + }, + { + "name": "1030711", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030711" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0548.json b/2014/0xxx/CVE-2014-0548.json index cab4a3289f7..e4df18cec05 100644 --- a/2014/0xxx/CVE-2014-0548.json +++ b/2014/0xxx/CVE-2014-0548.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0548", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2014-0548", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html", - "refsource" : "CONFIRM", - "url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html" - }, - { - "name" : "GLSA-201409-05", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201409-05.xml" - }, - { - "name" : "SUSE-SU-2014:1124", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html" - }, - { - "name" : "openSUSE-SU-2014:1110", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html" - }, - { - "name" : "openSUSE-SU-2014:1130", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html" - }, - { - "name" : "69705", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69705" - }, - { - "name" : "1030822", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030822" - }, - { - "name" : "61089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61089" - }, - { - "name" : "adobe-flash-cve20140548-sec-bypass(95818)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95818" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "adobe-flash-cve20140548-sec-bypass(95818)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95818" + }, + { + "name": "GLSA-201409-05", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201409-05.xml" + }, + { + "name": "61089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61089" + }, + { + "name": "openSUSE-SU-2014:1130", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00021.html" + }, + { + "name": "openSUSE-SU-2014:1110", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00006.html" + }, + { + "name": "SUSE-SU-2014:1124", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00016.html" + }, + { + "name": "69705", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69705" + }, + { + "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html", + "refsource": "CONFIRM", + "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-21.html" + }, + { + "name": "1030822", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030822" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0971.json b/2014/0xxx/CVE-2014-0971.json index e139c1b3116..a45a73698a6 100644 --- a/2014/0xxx/CVE-2014-0971.json +++ b/2014/0xxx/CVE-2014-0971.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0971", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0971", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1777.json b/2014/1xxx/CVE-2014-1777.json index 901f71f6852..1b5e47fb919 100644 --- a/2014/1xxx/CVE-2014-1777.json +++ b/2014/1xxx/CVE-2014-1777.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1777", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to read local files on the client via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1777", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-035", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" - }, - { - "name" : "67869", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67869" - }, - { - "name" : "1030370", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to read local files on the client via a crafted web site, aka \"Internet Explorer Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1030370", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030370" + }, + { + "name": "67869", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67869" + }, + { + "name": "MS14-035", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1873.json b/2014/1xxx/CVE-2014-1873.json index e3598706aec..77cf373b1aa 100644 --- a/2014/1xxx/CVE-2014-1873.json +++ b/2014/1xxx/CVE-2014-1873.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1873", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1873", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1875.json b/2014/1xxx/CVE-2014-1875.json index 2252a27c6e7..163ee65bbd3 100644 --- a/2014/1xxx/CVE-2014-1875.json +++ b/2014/1xxx/CVE-2014-1875.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1875", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2014-1875", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140206 CVE Request: Capture::Tiny: insecure use of /tmp", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q1/267" - }, - { - "name" : "[oss-security] 20140206 Re: CVE Request: Capture::Tiny: insecure use of /tmp", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q1/272" - }, - { - "name" : "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes", - "refsource" : "CONFIRM", - "url" : "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1062424", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1062424" - }, - { - "name" : "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924", - "refsource" : "CONFIRM", - "url" : "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924" - }, - { - "name" : "https://github.com/dagolden/Capture-Tiny/issues/16", - "refsource" : "CONFIRM", - "url" : "https://github.com/dagolden/Capture-Tiny/issues/16" - }, - { - "name" : "FEDORA-2014-2261", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128823.html" - }, - { - "name" : "FEDORA-2014-2321", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128882.html" - }, - { - "name" : "65475", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65475" - }, - { - "name" : "102963", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102963" - }, - { - "name" : "56823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56823" - }, - { - "name" : "capturetiny-perl-symlink(91464)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91464" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "65475", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65475" + }, + { + "name": "capturetiny-perl-symlink(91464)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91464" + }, + { + "name": "56823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56823" + }, + { + "name": "FEDORA-2014-2261", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128823.html" + }, + { + "name": "102963", + "refsource": "OSVDB", + "url": "http://osvdb.org/102963" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062424", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062424" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737835" + }, + { + "name": "FEDORA-2014-2321", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/128882.html" + }, + { + "name": "[oss-security] 20140206 CVE Request: Capture::Tiny: insecure use of /tmp", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q1/267" + }, + { + "name": "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes", + "refsource": "CONFIRM", + "url": "http://cpansearch.perl.org/src/DAGOLDEN/Capture-Tiny-0.24/Changes" + }, + { + "name": "[oss-security] 20140206 Re: CVE Request: Capture::Tiny: insecure use of /tmp", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q1/272" + }, + { + "name": "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924", + "refsource": "CONFIRM", + "url": "https://github.com/dagolden/Capture-Tiny/commit/635c9eabd52ab8042b0c841823bd6e692de87924" + }, + { + "name": "https://github.com/dagolden/Capture-Tiny/issues/16", + "refsource": "CONFIRM", + "url": "https://github.com/dagolden/Capture-Tiny/issues/16" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4212.json b/2014/4xxx/CVE-2014-4212.json index 69abb287aa9..5d2528f8f5e 100644 --- a/2014/4xxx/CVE-2014-4212.json +++ b/2014/4xxx/CVE-2014-4212.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4212", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4212", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "68638", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68638" - }, - { - "name" : "oracle-cpujul2014-cve20144212(94556)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94556" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "68638", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68638" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + }, + { + "name": "oracle-cpujul2014-cve20144212(94556)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94556" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4255.json b/2014/4xxx/CVE-2014-4255.json index 350a32de9e0..7d7aeaac408 100644 --- a/2014/4xxx/CVE-2014-4255.json +++ b/2014/4xxx/CVE-2014-4255.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Security and Policy." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "68575", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68575" - }, - { - "name" : "oracle-cpujul2014-cve20144255(94544)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94544" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Security and Policy." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "68575", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68575" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "oracle-cpujul2014-cve20144255(94544)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94544" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4736.json b/2014/4xxx/CVE-2014-4736.json index f8b53038fe4..7c21c3ab333 100644 --- a/2014/4xxx/CVE-2014-4736.json +++ b/2014/4xxx/CVE-2014-4736.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4736", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4736", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140723 SQL Injection in Ð?2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/532867/100/0/threaded" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23222", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23222" - }, - { - "name" : "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html" - }, - { - "name" : "68843", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68843" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in E2 before 2.4 (2845) allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "68843", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68843" + }, + { + "name": "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127594/E2-2844-SQL-Injection.html" + }, + { + "name": "20140723 SQL Injection in Ð?2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/532867/100/0/threaded" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23222", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23222" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4823.json b/2014/4xxx/CVE-2014-4823.json index 3560ec55017..d5b67043eb4 100644 --- a/2014/4xxx/CVE-2014-4823.json +++ b/2014/4xxx/CVE-2014-4823.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4823", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-4823", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684466", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21684466" - }, - { - "name" : "IV64910", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910" - }, - { - "name" : "IV64919", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919" - }, - { - "name" : "61278", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61278" - }, - { - "name" : "61294", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61294" - }, - { - "name" : "ibm-sam-cve20144823-command-injection(95573)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684466" + }, + { + "name": "ibm-sam-cve20144823-command-injection(95573)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95573" + }, + { + "name": "IV64919", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919" + }, + { + "name": "61294", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61294" + }, + { + "name": "61278", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61278" + }, + { + "name": "IV64910", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9129.json b/2014/9xxx/CVE-2014-9129.json index 182271c0d46..505eeb3ab23 100644 --- a/2014/9xxx/CVE-2014-9129.json +++ b/2014/9xxx/CVE-2014-9129.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9129", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the addons_title parameter in the CMDM_admin_settings page to wp-admin/admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9129", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141202 CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534132/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html" - }, - { - "name" : "https://downloadsmanager.cminds.com/release-notes/", - "refsource" : "CONFIRM", - "url" : "https://downloadsmanager.cminds.com/release-notes/" - }, - { - "name" : "71418", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71418" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the addons_title parameter in the CMDM_admin_settings page to wp-admin/admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://downloadsmanager.cminds.com/release-notes/", + "refsource": "CONFIRM", + "url": "https://downloadsmanager.cminds.com/release-notes/" + }, + { + "name": "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129357/WordPress-CM-Download-Manager-2.0.6-XSS-CSRF.html" + }, + { + "name": "20141202 CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534132/100/0/threaded" + }, + { + "name": "71418", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71418" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9553.json b/2014/9xxx/CVE-2014-9553.json index 9c81d743be7..af102d3e482 100644 --- a/2014/9xxx/CVE-2014-9553.json +++ b/2014/9xxx/CVE-2014-9553.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9553", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9553", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9604.json b/2014/9xxx/CVE-2014-9604.json index aec0837bdd4..7ed17c2362f 100644 --- a/2014/9xxx/CVE-2014-9604.json +++ b/2014/9xxx/CVE-2014-9604.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9604", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9604", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f" - }, - { - "name" : "GLSA-201603-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-06" - }, - { - "name" : "USN-2534-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2534-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3881606240953b9275a247a1c98a567f3c44890f" + }, + { + "name": "USN-2534-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2534-1" + }, + { + "name": "GLSA-201603-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-06" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9970.json b/2014/9xxx/CVE-2014-9970.json index 92c2ef5c16a..d6aceeffc89 100644 --- a/2014/9xxx/CVE-2014-9970.json +++ b/2014/9xxx/CVE-2014-9970.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9970", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "jasypt before 1.9.2 allows a timing attack against the password hash comparison." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9970", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceforge.net/p/jasypt/code/668/", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/p/jasypt/code/668/" - }, - { - "name" : "RHSA-2017:3141", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3141" - }, - { - "name" : "RHSA-2017:2808", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2808" - }, - { - "name" : "RHSA-2017:2809", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2809" - }, - { - "name" : "RHSA-2017:2810", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2810" - }, - { - "name" : "RHSA-2017:2811", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2811" - }, - { - "name" : "RHSA-2017:2546", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2546" - }, - { - "name" : "RHSA-2017:2547", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2547" - }, - { - "name" : "RHSA-2018:0294", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0294" - }, - { - "name" : "1039744", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039744" - }, - { - "name" : "1040360", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040360" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "jasypt before 1.9.2 allows a timing attack against the password hash comparison." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040360", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040360" + }, + { + "name": "RHSA-2017:2809", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2809" + }, + { + "name": "RHSA-2017:2547", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2547" + }, + { + "name": "RHSA-2017:2810", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2810" + }, + { + "name": "1039744", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039744" + }, + { + "name": "RHSA-2018:0294", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0294" + }, + { + "name": "RHSA-2017:2808", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2808" + }, + { + "name": "RHSA-2017:2546", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2546" + }, + { + "name": "https://sourceforge.net/p/jasypt/code/668/", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/p/jasypt/code/668/" + }, + { + "name": "RHSA-2017:3141", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3141" + }, + { + "name": "RHSA-2017:2811", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2811" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3202.json b/2016/3xxx/CVE-2016-3202.json index 579859a725c..e8e0d584585 100644 --- a/2016/3xxx/CVE-2016-3202.json +++ b/2016/3xxx/CVE-2016-3202.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-063", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063" - }, - { - "name" : "MS16-068", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068" - }, - { - "name" : "1036096", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036096" - }, - { - "name" : "1036099", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036099" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Microsoft (1) Chakra JavaScript, (2) JScript, and (3) VBScript engines, as used in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-063", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063" + }, + { + "name": "1036099", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036099" + }, + { + "name": "1036096", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036096" + }, + { + "name": "MS16-068", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3569.json b/2016/3xxx/CVE-2016-3569.json index 604aee850f8..6e81cc23cd6 100644 --- a/2016/3xxx/CVE-2016-3569.json +++ b/2016/3xxx/CVE-2016-3569.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3570, CVE-2016-3571, and CVE-2016-3573." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91859", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91859" - }, - { - "name" : "1036393", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036393" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.3, 8.4, 15.1, 15.2, and 16.1 allows remote attackers to affect confidentiality and integrity via vectors related to Web access, a different vulnerability than CVE-2016-3566, CVE-2016-3568, CVE-2016-3570, CVE-2016-3571, and CVE-2016-3573." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "91859", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91859" + }, + { + "name": "1036393", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036393" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3619.json b/2016/3xxx/CVE-2016-3619.json index 06cd52cfa1c..02424d671d3 100644 --- a/2016/3xxx/CVE-2016-3619.json +++ b/2016/3xxx/CVE-2016-3619.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3619", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the \"-c none\" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3619", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160407 CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/07/1" - }, - { - "name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2567", - "refsource" : "MISC", - "url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2567" - }, - { - "name" : "GLSA-201701-16", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-16" - }, - { - "name" : "85919", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85919" - }, - { - "name" : "1035508", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035508" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the \"-c none\" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035508", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035508" + }, + { + "name": "[oss-security] 20160407 CVE-2016-3619 libtiff: Out-of-bounds Read in the bmp2tiff tool", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/07/1" + }, + { + "name": "GLSA-201701-16", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-16" + }, + { + "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2567", + "refsource": "MISC", + "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2567" + }, + { + "name": "85919", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85919" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3842.json b/2016/3xxx/CVE-2016-3842.json index 7ff3363ed06..757dc741f00 100644 --- a/2016/3xxx/CVE-2016-3842.json +++ b/2016/3xxx/CVE-2016-3842.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3842", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-3842", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-08-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-08-01.html" - }, - { - "name" : "92220", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92220" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-08-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-08-01.html" + }, + { + "name": "92220", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92220" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3960.json b/2016/3xxx/CVE-2016-3960.json index b975285a435..2bceaa71fe9 100644 --- a/2016/3xxx/CVE-2016-3960.json +++ b/2016/3xxx/CVE-2016-3960.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3960", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-3960", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-173.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-173.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://support.citrix.com/article/CTX209443", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX209443" - }, - { - "name" : "DSA-3554", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3554" - }, - { - "name" : "FEDORA-2016-35d7b09908", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html" - }, - { - "name" : "FEDORA-2016-48e72b7bc5", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html" - }, - { - "name" : "FEDORA-2016-75063477ca", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html" - }, - { - "name" : "86318", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/86318" - }, - { - "name" : "1035587", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035587" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "1035587", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035587" + }, + { + "name": "FEDORA-2016-48e72b7bc5", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html" + }, + { + "name": "FEDORA-2016-35d7b09908", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-173.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-173.html" + }, + { + "name": "FEDORA-2016-75063477ca", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html" + }, + { + "name": "http://support.citrix.com/article/CTX209443", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX209443" + }, + { + "name": "86318", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/86318" + }, + { + "name": "DSA-3554", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3554" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6021.json b/2016/6xxx/CVE-2016-6021.json index 93d7a9fe579..330e09e62b4 100644 --- a/2016/6xxx/CVE-2016-6021.json +++ b/2016/6xxx/CVE-2016-6021.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-08-04T00:00:00", - "ID" : "CVE-2016-6021", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Emptoris Strategic Supply Management", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0.0" - }, - { - "version_value" : "10.0.1.0" - }, - { - "version_value" : "10.0.2.0" - }, - { - "version_value" : "10.0.4.0" - }, - { - "version_value" : "10.1.0.0" - }, - { - "version_value" : "10.1.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116755." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-08-04T00:00:00", + "ID": "CVE-2016-6021", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Emptoris Strategic Supply Management", + "version": { + "version_data": [ + { + "version_value": "10.0.0.0" + }, + { + "version_value": "10.0.1.0" + }, + { + "version_value": "10.0.2.0" + }, + { + "version_value": "10.0.4.0" + }, + { + "version_value": "10.1.0.0" + }, + { + "version_value": "10.1.1.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22006799", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22006799" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Emptoris Strategic Supply Management Platform 10.0 and 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 116755." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/116755" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22006799", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22006799" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6283.json b/2016/6xxx/CVE-2016-6283.json index aca37c41fa5..9f4972a08a3 100644 --- a/2016/6xxx/CVE-2016-6283.json +++ b/2016/6xxx/CVE-2016-6283.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6283", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6283", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40989", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40989/" - }, - { - "name" : "20170103 Persisted Cross-Site Scripting (XSS) in Confluence Jira Software", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2017/Jan/3" - }, - { - "name" : "20170106 Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2017/Jan/12" - }, - { - "name" : "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html" - }, - { - "name" : "95288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95288" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95288" + }, + { + "name": "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/140363/Atlassian-Confluence-5.9.12-Cross-Site-Scripting.html" + }, + { + "name": "20170106 Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2017/Jan/12" + }, + { + "name": "20170103 Persisted Cross-Site Scripting (XSS) in Confluence Jira Software", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2017/Jan/3" + }, + { + "name": "40989", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40989/" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7254.json b/2016/7xxx/CVE-2016-7254.json index 2e59e9ec563..752420c4c83 100644 --- a/2016/7xxx/CVE-2016-7254.json +++ b/2016/7xxx/CVE-2016-7254.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2016-7254", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka \"SQL RDBMS Engine Elevation of Privilege Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-7254", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-136", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136" - }, - { - "name" : "94061", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94061" - }, - { - "name" : "1037250", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037250" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka \"SQL RDBMS Engine Elevation of Privilege Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037250", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037250" + }, + { + "name": "MS16-136", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-136" + }, + { + "name": "94061", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94061" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7357.json b/2016/7xxx/CVE-2016-7357.json index 22307d432f2..859462aeca8 100644 --- a/2016/7xxx/CVE-2016-7357.json +++ b/2016/7xxx/CVE-2016-7357.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7357", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7357", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7682.json b/2016/7xxx/CVE-2016-7682.json index 17b99381dac..c1d72890802 100644 --- a/2016/7xxx/CVE-2016-7682.json +++ b/2016/7xxx/CVE-2016-7682.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7682", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7682", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7756.json b/2016/7xxx/CVE-2016-7756.json index c2c61ed0a36..98958dcf05e 100644 --- a/2016/7xxx/CVE-2016-7756.json +++ b/2016/7xxx/CVE-2016-7756.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7756", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-7756", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7811.json b/2016/7xxx/CVE-2016-7811.json index 93d09ecd232..2ec4d6bc66e 100644 --- a/2016/7xxx/CVE-2016-7811.json +++ b/2016/7xxx/CVE-2016-7811.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-7811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "CG-WLR300NX", - "version" : { - "version_data" : [ - { - "version_value" : "firmware Ver. 1.20 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Corega Inc" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Fails to restrict access" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-7811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "CG-WLR300NX", + "version": { + "version_data": [ + { + "version_value": "firmware Ver. 1.20 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Corega Inc" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://corega.jp/support/security/20161111_wlr300nx.htm", - "refsource" : "CONFIRM", - "url" : "http://corega.jp/support/security/20161111_wlr300nx.htm" - }, - { - "name" : "JVN#23549283", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN23549283/index.html" - }, - { - "name" : "94248", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94248" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Fails to restrict access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#23549283", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN23549283/index.html" + }, + { + "name": "http://corega.jp/support/security/20161111_wlr300nx.htm", + "refsource": "CONFIRM", + "url": "http://corega.jp/support/security/20161111_wlr300nx.htm" + }, + { + "name": "94248", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94248" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8221.json b/2016/8xxx/CVE-2016-8221.json index 4594f047f71..8b551b92cb7 100644 --- a/2016/8xxx/CVE-2016-8221.json +++ b/2016/8xxx/CVE-2016-8221.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@lenovo.com", - "ID" : "CVE-2016-8221", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "XClarity Administrator (LXCA)", - "version" : { - "version_data" : [ - { - "version_value" : "1.2.0" - } - ] - } - } - ] - }, - "vendor_name" : "Lenovo Group Ltd." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@lenovo.com", + "ID": "CVE-2016-8221", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "XClarity Administrator (LXCA)", + "version": { + "version_data": [ + { + "version_value": "1.2.0" + } + ] + } + } + ] + }, + "vendor_name": "Lenovo Group Ltd." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.lenovo.com/us/en/product_security/LEN_10605", - "refsource" : "CONFIRM", - "url" : "https://support.lenovo.com/us/en/product_security/LEN_10605" - }, - { - "name" : "95417", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95417" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95417", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95417" + }, + { + "name": "https://support.lenovo.com/us/en/product_security/LEN_10605", + "refsource": "CONFIRM", + "url": "https://support.lenovo.com/us/en/product_security/LEN_10605" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8266.json b/2016/8xxx/CVE-2016-8266.json index ae2c3af781d..78019abef77 100644 --- a/2016/8xxx/CVE-2016-8266.json +++ b/2016/8xxx/CVE-2016-8266.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8266", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8266", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8452.json b/2016/8xxx/CVE-2016-8452.json index 902d7d6dc50..47092053dca 100644 --- a/2016/8xxx/CVE-2016-8452.json +++ b/2016/8xxx/CVE-2016-8452.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-8452", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - }, - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. References: QC-CR#1050323." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-8452", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + }, + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "95275", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. References: QC-CR#1050323." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "95275", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95275" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8623.json b/2016/8xxx/CVE-2016-8623.json index af23231e237..1c590abf5d8 100644 --- a/2016/8xxx/CVE-2016-8623.json +++ b/2016/8xxx/CVE-2016-8623.json @@ -1,123 +1,123 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psampaio@redhat.com", - "ID" : "CVE-2016-8623", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "curl", - "version" : { - "version_data" : [ - { - "version_value" : "7.51.0" - } - ] - } - } - ] - }, - "vendor_name" : "The Curl Project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "3.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", - "version" : "3.0" - } - ], - [ - { - "vectorString" : "4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N", - "version" : "2.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-416" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-8623", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "curl", + "version": { + "version_data": [ + { + "version_value": "7.51.0" + } + ] + } + } + ] + }, + "vendor_name": "The Curl Project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://curl.haxx.se/docs/adv_20161102I.html", - "refsource" : "CONFIRM", - "url" : "https://curl.haxx.se/docs/adv_20161102I.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623" - }, - { - "name" : "https://curl.haxx.se/CVE-2016-8623.patch", - "refsource" : "CONFIRM", - "url" : "https://curl.haxx.se/CVE-2016-8623.patch" - }, - { - "name" : "https://www.tenable.com/security/tns-2016-21", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2016-21" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "GLSA-201701-47", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-47" - }, - { - "name" : "RHSA-2018:2486", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2486" - }, - { - "name" : "RHSA-2018:3558", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:3558" - }, - { - "name" : "94106", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94106" - }, - { - "name" : "1037192", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037192" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A flaw was found in curl before version 7.51.0. The way curl handles cookies permits other threads to trigger a use-after-free leading to information disclosure." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "3.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.0" + } + ], + [ + { + "vectorString": "4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N", + "version": "2.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8623" + }, + { + "name": "RHSA-2018:3558", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "name": "https://curl.haxx.se/docs/adv_20161102I.html", + "refsource": "CONFIRM", + "url": "https://curl.haxx.se/docs/adv_20161102I.html" + }, + { + "name": "94106", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94106" + }, + { + "name": "https://www.tenable.com/security/tns-2016-21", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2016-21" + }, + { + "name": "1037192", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037192" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "https://curl.haxx.se/CVE-2016-8623.patch", + "refsource": "CONFIRM", + "url": "https://curl.haxx.se/CVE-2016-8623.patch" + }, + { + "name": "RHSA-2018:2486", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2486" + }, + { + "name": "GLSA-201701-47", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-47" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8854.json b/2016/8xxx/CVE-2016-8854.json index 23910f83601..27ff6cfced1 100644 --- a/2016/8xxx/CVE-2016-8854.json +++ b/2016/8xxx/CVE-2016-8854.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8854", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8854", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9596.json b/2016/9xxx/CVE-2016-9596.json index 27b7681be9a..349cfe68fb3 100644 --- a/2016/9xxx/CVE-2016-9596.json +++ b/2016/9xxx/CVE-2016-9596.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-9596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-9596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1408302", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1408302" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1408302", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1408302" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9616.json b/2016/9xxx/CVE-2016-9616.json index 0ff1897b619..f00bb72837e 100644 --- a/2016/9xxx/CVE-2016-9616.json +++ b/2016/9xxx/CVE-2016-9616.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9616", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9616", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file