admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 04:05:49 +00:00
parent 606c5d80b4
commit ff3cc7405c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
23 changed files with 833 additions and 1284 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
2010/2xxx/CVE-2010-2480.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2010-2480 Python-Mako (prior v0.3.4): Improper escaping of single quotes in escape.cgi (XSS)"
"value": "Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -40,8 +39,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -73,41 +72,6 @@
"url": "http://www.makotemplates.org/CHANGES",
"refsource": "MISC",
"name": "http://www.makotemplates.org/CHANGES"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2480",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2480"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=609573",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=609573"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
}
]
}

64
2010/2xxx/CVE-2010-2481.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2010-2481 libtiff: TIFFExtractData out-of-bounds read crash"
"value": "The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.6.1-12.el4_8.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:3.8.2-7.el5_5.5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -124,46 +112,6 @@
"url": "http://www.vupen.com/english/advisories/2010/1761",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/1761"
},
{
"url": "https://access.redhat.com/errata/RHSA-2010:0519",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2010:0519"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2481",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2481"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=611895",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=611895"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}

39
2010/2xxx/CVE-2010-2482.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2010-2443 CVE-2010-2482 libtiff: OJPEGReadBufferFill NULL deref crash"
"value": "LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -40,8 +39,8 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -99,11 +98,6 @@
"refsource": "MISC",
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=1996"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-2482",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-2482"
},
{
"url": "https://bugs.launchpad.net/bugs/597246",
"refsource": "MISC",
@ -120,30 +114,5 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=608010"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

85
2010/4xxx/CVE-2010-4526.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()"
"value": "Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.1.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.24.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.9-rt31.75.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -91,16 +68,6 @@
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0421",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0421"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:1253",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1253"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=50b5d6ad63821cea324a5a7a19854d4de1a0a819",
"refsource": "MISC",
@ -136,21 +103,6 @@
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0169"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0163",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0163"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-4526",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-4526"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=664914",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=664914"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4526",
"refsource": "MISC",
@ -162,30 +114,5 @@
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64616"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
}

127
2010/4xxx/CVE-2010-4527.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4527",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20101231 Re: CVE request: kernel: buffer overflow in OSS load_mixer_volumes",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/12/31/4"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=667615",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667615"
},
{
"name": "http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html",
"refsource": "MISC",
"url": "http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/"
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37"
"url": "http://secunia.com/advisories/43291",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43291"
},
{
"name": "45629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45629"
"url": "http://www.vupen.com/english/advisories/2011/0375",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0375"
},
{
"name": "[oss-security] 20101230 CVE request: kernel: buffer overflow in OSS load_mixer_volumes",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2010/12/31/1"
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37"
},
{
"name": "42765",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42765"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d81a12bc29ae4038770e05dce4ab7f26fd5880fb",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d81a12bc29ae4038770e05dce4ab7f26fd5880fb"
},
{
"name": "ADV-2011-0375",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0375"
"url": "http://openwall.com/lists/oss-security/2010/12/31/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2010/12/31/1"
},
{
"name": "SUSE-SA:2011:008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"
"url": "http://openwall.com/lists/oss-security/2010/12/31/4",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2010/12/31/4"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d81a12bc29ae4038770e05dce4ab7f26fd5880fb",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d81a12bc29ae4038770e05dce4ab7f26fd5880fb"
"url": "http://secunia.com/advisories/42765",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42765"
},
{
"name": "43291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43291"
"url": "http://www.securityfocus.com/bid/45629",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/45629"
},
{
"url": "http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/",
"refsource": "MISC",
"name": "http://xorl.wordpress.com/2011/01/09/cve-2010-4527-linux-kernel-oss-sound-card-driver-buffer-overflow/"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=667615",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=667615"
}
]
}

169
2010/4xxx/CVE-2010-4528.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4528",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,102 +27,126 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=665421",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=665421"
"url": "http://developer.pidgin.im/viewmtn/revision/diff/e76f4ad4ef2f10588195a0eedc7a08f82062f79c/with/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031/libpurple/protocols/msn/directconn.c",
"refsource": "MISC",
"name": "http://developer.pidgin.im/viewmtn/revision/diff/e76f4ad4ef2f10588195a0eedc7a08f82062f79c/with/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031/libpurple/protocols/msn/directconn.c"
},
{
"name": "SUSE-SR:2011:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
"url": "http://developer.pidgin.im/viewmtn/revision/info/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031",
"refsource": "MISC",
"name": "http://developer.pidgin.im/viewmtn/revision/info/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031"
},
{
"name": "[oss-security] 20101227 CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/12/27/1"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052862.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052862.html"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/diff/e76f4ad4ef2f10588195a0eedc7a08f82062f79c/with/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031/libpurple/protocols/msn/directconn.c",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/diff/e76f4ad4ef2f10588195a0eedc7a08f82062f79c/with/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031/libpurple/protocols/msn/directconn.c"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052905.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052905.html"
},
{
"name": "[oss-security] 20101231 Re: CVE Request -- Pidgin v2.7.6 <= x <= v2.7.8 -- MSN DirectConnect DoS (crash due NULL ptr dereference) after receiving a short P2P message",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/12/31/5"
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
},
{
"name": "http://www.pidgin.im/news/security/?id=49",
"refsource": "CONFIRM",
"url": "http://www.pidgin.im/news/security/?id=49"
"url": "http://pidgin.im/pipermail/support/2010-December/009251.html",
"refsource": "MISC",
"name": "http://pidgin.im/pipermail/support/2010-December/009251.html"
},
{
"name": "MDVSA-2010:259",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:259"
"url": "http://secunia.com/advisories/42732",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42732"
},
{
"name": "oval:org.mitre.oval:def:18461",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18461"
"url": "http://secunia.com/advisories/42824",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42824"
},
{
"name": "http://developer.pidgin.im/viewmtn/revision/info/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031",
"refsource": "CONFIRM",
"url": "http://developer.pidgin.im/viewmtn/revision/info/aaa07bde3c51d3684391ae6ed86b6dbaeab5d031"
"url": "http://secunia.com/advisories/42877",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42877"
},
{
"name": "45581",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45581"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:259",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:259"
},
{
"name": "42877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42877"
"url": "http://www.openwall.com/lists/oss-security/2010/12/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/12/27/1"
},
{
"name": "ADV-2011-0028",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0028"
"url": "http://www.openwall.com/lists/oss-security/2010/12/31/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/12/31/5"
},
{
"name": "[support] 20101227 Pidgin 2.7.9 released",
"refsource": "MLIST",
"url": "http://pidgin.im/pipermail/support/2010-December/009251.html"
"url": "http://www.pidgin.im/news/security/?id=49",
"refsource": "MISC",
"name": "http://www.pidgin.im/news/security/?id=49"
},
{
"name": "42732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42732"
"url": "http://www.securityfocus.com/bid/45581",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/45581"
},
{
"name": "ADV-2011-0076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0076"
"url": "http://www.vupen.com/english/advisories/2011/0028",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0028"
},
{
"name": "ADV-2011-0054",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0054"
"url": "http://www.vupen.com/english/advisories/2011/0054",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0054"
},
{
"name": "FEDORA-2010-19314",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052862.html"
"url": "http://www.vupen.com/english/advisories/2011/0076",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0076"
},
{
"name": "FEDORA-2010-19317",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052905.html"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18461",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18461"
},
{
"name": "42824",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42824"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=665421",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=665421"
}
]
}

52
2011/4xxx/CVE-2011-4348.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2011-4348 kernel: incomplete fix for CVE-2011-2482"
"value": "Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-274.17.1.el5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -54,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2012:0007",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0007"
},
{
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29",
"refsource": "MISC",
@ -75,44 +69,14 @@
"name": "http://www.openwall.com/lists/oss-security/2012/03/05/2"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-4348",
"url": "https://github.com/torvalds/linux/commit/ae53b5bd77719fed58086c5be60ce4f22bffe1c6",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-4348"
"name": "https://github.com/torvalds/linux/commit/ae53b5bd77719fed58086c5be60ce4f22bffe1c6"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=757143",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=757143"
},
{
"url": "https://github.com/torvalds/linux/commit/ae53b5bd77719fed58086c5be60ce4f22bffe1c6",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/ae53b5bd77719fed58086c5be60ce4f22bffe1c6"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

77
2011/4xxx/CVE-2011-4350.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4350",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "yaws",
"product": {
"product_data": [
{
"product_name": "yaws",
"version": {
"version_data": [
{
"version_value": "1.91"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "yaws",
"product": {
"product_data": [
{
"product_name": "yaws",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.91"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2011-4350",
"url": "https://access.redhat.com/security/cve/cve-2011-4350",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2011-4350"
"name": "https://access.redhat.com/security/cve/cve-2011-4350"
},
{
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650009",
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650009"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4350",
@ -63,19 +69,14 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4350"
},
{
"url": "https://access.redhat.com/security/cve/cve-2011-4350",
"url": "https://security-tracker.debian.org/tracker/CVE-2011-4350",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2011-4350"
"name": "https://security-tracker.debian.org/tracker/CVE-2011-4350"
},
{
"url": "https://www.openwall.com/lists/oss-security/2011/11/25/7",
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650009",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=650009"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2011/11/25/7",
"url": "https://www.openwall.com/lists/oss-security/2011/11/25/7"
"name": "https://www.openwall.com/lists/oss-security/2011/11/25/7"
}
]
}

73
2011/4xxx/CVE-2011-4358.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4358",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "1027277",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027277"
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"url": "http://www.securitytracker.com/id?1027277",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027277"
}
]
}

131
2012/3xxx/CVE-2012-3437.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3437",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "54714",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54714"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243"
},
{
"name": "imagemagick-png-dos(77260)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77260"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=844101",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844101"
"name": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html"
},
{
"name": "MDVSA-2013:092",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:092"
"url": "http://secunia.com/advisories/50091",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50091"
},
{
"name": "1027321",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027321"
"url": "http://secunia.com/advisories/50398",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50398"
},
{
"name": "MDVSA-2012:160",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:160"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:160",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:160"
},
{
"name": "openSUSE-SU-2013:0535",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00101.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:092",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:092"
},
{
"name": "50398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50398"
"url": "http://www.securityfocus.com/bid/54714",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54714"
},
{
"name": "50091",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50091"
"url": "http://www.securitytracker.com/id?1027321",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027321"
},
{
"name": "USN-1544-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1544-1"
"url": "http://www.ubuntu.com/usn/USN-1544-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1544-1"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77260",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77260"
},
{
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243",
"refsource": "MISC",
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0243"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844101",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=844101"
}
]
}

119
2012/3xxx/CVE-2012-3438.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3438",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "MDVSA-2012:165",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:165"
},
{
"name": "http://graphicsmagick.hg.sourceforge.net/hgweb/graphicsmagick/graphicsmagick/rev/d6e469d02cd2",
"refsource": "CONFIRM",
"url": "http://graphicsmagick.hg.sourceforge.net/hgweb/graphicsmagick/graphicsmagick/rev/d6e469d02cd2"
},
{
"name": "50090",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50090"
},
{
"name": "graphicsmagick-png-dos(77259)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77259"
},
{
"name": "openSUSE-SU-2013:0536",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00102.html"
},
{
"name": "54716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54716"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=844105",
"url": "http://graphicsmagick.hg.sourceforge.net/hgweb/graphicsmagick/graphicsmagick/rev/d6e469d02cd2",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844105"
"name": "http://graphicsmagick.hg.sourceforge.net/hgweb/graphicsmagick/graphicsmagick/rev/d6e469d02cd2"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00102.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00102.html"
},
{
"url": "http://secunia.com/advisories/50090",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50090"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:165",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:165"
},
{
"url": "http://www.securityfocus.com/bid/54716",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54716"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77259",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77259"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844105",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=844105"
}
]
}

48
2012/3xxx/CVE-2012-3440.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-3440 sudo: insecure temporary file use in RPM %postun script"
"value": "A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users to overwrite arbitrary files via a symlink attack on the /var/tmp/nsswitch.conf.bak temporary file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Time-of-check Time-of-use (TOCTOU) Race Condition",
"cweId": "CWE-367"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.7.2p1-14.el5_8.2",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -64,46 +63,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54868"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1149",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1149"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-3440",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-3440"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844442",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=844442"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:C/A:C",
"version": "2.0"
}
]
}
}

64
2013/0xxx/CVE-2013-0328.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-0328 jenkins: XSS"
"value": "Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -32,28 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEL 6 Version of OpenShift Enterprise",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.502-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "1:1.4.1-4.el6",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-4.el6op",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -87,49 +74,14 @@
"name": "http://www.securityfocus.com/bid/57994"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0638",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0638"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-0328",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-0328"
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=914876",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=914876"
},
{
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

60
2013/0xxx/CVE-2013-0329.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-0329 jenkins: cross-site request forgery (CSRF) protection mechanism bypass"
"value": "Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
"value": "n/a"
}
]
}
@ -32,28 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEL 6 Version of OpenShift Enterprise",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.502-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "1:1.4.1-4.el6",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-4.el6op",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -81,51 +68,16 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/21/7"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0638",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0638"
},
{
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-0329",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-0329"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=914877",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=914877"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

101
2013/0xxx/CVE-2013-0330.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-0330",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:0638",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html"
},
{
"name": "[oss-security] 20130220 Re: Jenkins CVE request for Jenkins Security Advisory 2013-02-16",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/21/7"
},
{
"name": "57994",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57994"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=914878",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=914878"
"name": "http://rhn.redhat.com/errata/RHSA-2013-0638.html"
},
{
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb",
"refsource": "CONFIRM",
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb",
"refsource": "MISC",
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"
},
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"
"url": "http://www.openwall.com/lists/oss-security/2013/02/21/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/02/21/7"
},
{
"url": "http://www.securityfocus.com/bid/57994",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57994"
},
{
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=914878",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=914878"
}
]
}

85
2013/4xxx/CVE-2013-4247.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4247",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/1fc29bacedeabb278080e31bb9c1ecb49f143c3b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/1fc29bacedeabb278080e31bb9c1ecb49f143c3b"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fc29bacedeabb278080e31bb9c1ecb49f143c3b",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1fc29bacedeabb278080e31bb9c1ecb49f143c3b"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998401",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998401"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.6",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.6"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.9.6"
"url": "http://www.openwall.com/lists/oss-security/2013/08/14/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/14/10"
},
{
"name": "[oss-security] 20130814 Re: CVE Request: Linux kernel: cifs: off-by-one bug in build_unc_path_to_root",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/14/10"
"url": "https://github.com/torvalds/linux/commit/1fc29bacedeabb278080e31bb9c1ecb49f143c3b",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/1fc29bacedeabb278080e31bb9c1ecb49f143c3b"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1fc29bacedeabb278080e31bb9c1ecb49f143c3b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1fc29bacedeabb278080e31bb9c1ecb49f143c3b"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998401",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998401"
}
]
}

139
2013/4xxx/CVE-2013-4254.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4254",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,77 +27,101 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1970-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1970-1"
"url": "http://www.ubuntu.com/usn/USN-1971-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1971-1"
},
{
"name": "54494",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54494"
"url": "http://www.ubuntu.com/usn/USN-1974-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1974-1"
},
{
"name": "USN-1975-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1975-1"
"url": "http://www.ubuntu.com/usn/USN-1968-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1968-1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c95eb3184ea1a3a2551df57190c81da695e2144b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c95eb3184ea1a3a2551df57190c81da695e2144b"
"url": "http://www.ubuntu.com/usn/USN-1969-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1969-1"
},
{
"name": "USN-1971-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1971-1"
"url": "http://www.ubuntu.com/usn/USN-1970-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1970-1"
},
{
"name": "USN-1968-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1968-1"
"url": "http://www.ubuntu.com/usn/USN-1972-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1972-1"
},
{
"name": "USN-1969-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1969-1"
"url": "http://www.ubuntu.com/usn/USN-1973-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1973-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998878",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998878"
"url": "http://www.ubuntu.com/usn/USN-1975-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1975-1"
},
{
"name": "USN-1973-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1973-1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c95eb3184ea1a3a2551df57190c81da695e2144b",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c95eb3184ea1a3a2551df57190c81da695e2144b"
},
{
"name": "https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b"
"url": "http://secunia.com/advisories/54494",
"refsource": "MISC",
"name": "http://secunia.com/advisories/54494"
},
{
"name": "USN-1974-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1974-1"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8"
},
{
"name": "[oss-security] 20130816 Re: CVE Request: linux-kernel priviledge escalation on ARM/perf",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/6"
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/16/6"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8"
"url": "https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/c95eb3184ea1a3a2551df57190c81da695e2144b"
},
{
"name": "USN-1972-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1972-1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998878",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998878"
}
]
}

97
2013/4xxx/CVE-2013-4258.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4258",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "61852",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61852"
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html",
"refsource": "MISC",
"name": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
"url": "http://www.debian.org/security/2013/dsa-2771",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"refsource": "MLIST",
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"name": "[nas] 20130808 nas: Multiple Vulnerabilities in nas 1.9.3",
"refsource": "MLIST",
"url": "http://radscan.com/pipermail/nas/2013-August/001277.html"
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
"url": "http://radscan.com/pipermail/nas/2013-August/001277.html",
"refsource": "MISC",
"name": "http://radscan.com/pipermail/nas/2013-August/001277.html"
},
{
"name": "DSA-2771",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2771"
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com&forum_name=nas-commits",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com&forum_name=nas-commits"
},
{
"name": "[nas-commits] 20120122 SF.net SVN: nas:[285] trunk/server/os/aulog.c",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E1Rp1rP-00038Z-VJ%40sfp-svn-6.v30.ch3.sourceforge.com&forum_name=nas-commits"
"url": "http://www.securityfocus.com/bid/61852",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61852"
}
]
}

73
2013/4xxx/CVE-2013-4259.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4259",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998223",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998223"
"url": "http://www.ansible.com/security",
"refsource": "MISC",
"name": "http://www.ansible.com/security"
},
{
"name": "https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg",
"refsource": "CONFIRM",
"url": "https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg"
"url": "https://groups.google.com/forum/#%21topic/ansible-project/UVDYW0HGcNg",
"refsource": "MISC",
"name": "https://groups.google.com/forum/#%21topic/ansible-project/UVDYW0HGcNg"
},
{
"name": "http://www.ansible.com/security",
"refsource": "CONFIRM",
"url": "http://www.ansible.com/security"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998223",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998223"
}
]
}

73
2016/9xxx/CVE-2016-9912.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-9912",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20161208 Re: CVE request Qemu: display: virtio-gpu: memory leakage when destroying gpu resource",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/6"
"url": "https://security.gentoo.org/glsa/201701-49",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201701-49"
},
{
"name": "GLSA-201701-49",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-49"
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/12/08/6"
},
{
"name": "94760",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94760"
"url": "http://www.securityfocus.com/bid/94760",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/94760"
}
]
}

97
2016/9xxx/CVE-2016-9916.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-9916",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"name": "94729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94729"
"url": "https://security.gentoo.org/glsa/201701-49",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201701-49"
},
{
"name": "[qemu-devel] 20161116 [PATCH v3 0/4] 9pfs: add cleanup operation in handle/proxy backend",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html"
"url": "http://www.openwall.com/lists/oss-security/2016/12/06/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/12/06/11"
},
{
"name": "GLSA-201701-49",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-49"
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2016/12/08/7"
},
{
"name": "http://git.qemu.org/?p=qemu.git;a=commit;h=898ae90a44551d25b8e956fd87372d303c82fe68",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=898ae90a44551d25b8e956fd87372d303c82fe68"
"url": "http://www.securityfocus.com/bid/94729",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/94729"
},
{
"name": "[oss-security] 20161207 CVE request Qemu: 9pfs: memory leakage via proxy/handle callbacks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/06/11"
"url": "https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html"
},
{
"name": "[oss-security] 20161208 Re: CVE request Qemu: 9pfs: memory leakage via proxy/handle callbacks",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/7"
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=898ae90a44551d25b8e956fd87372d303c82fe68",
"refsource": "MISC",
"name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=898ae90a44551d25b8e956fd87372d303c82fe68"
}
]
}

134
2016/9xxx/CVE-2016-9921.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2016-9921 CVE-2016-9922 Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy"
"value": "Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Divide By Zero",
"cweId": "CWE-369"
"value": "n/a"
}
]
}
@ -32,82 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "10:2.9.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "10:2.9.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 10.0 (Newton)",
"version": {
"version_data": [
{
"version_value": "10:2.9.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 11.0 (Ocata)",
"version": {
"version_data": [
{
"version_value": "10:2.9.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 8.0 (Liberty)",
"version": {
"version_data": [
{
"version_value": "10:2.9.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenStack Platform 9.0 (Mitaka)",
"version": {
"version_data": [
{
"version_value": "10:2.9.0-10.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "10:2.9.0-14.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -140,71 +73,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2017:2408"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334398",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1334398"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2016-9921",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2016-9921"
},
{
"url": "https://security.gentoo.org/glsa/201701-49",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201701-49"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Jiangxin (Huawei Inc.), Li Qiang (Qihoo 360), and Qinghao Tang (Qihoo 360) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
}
]
}
}

166
2021/23xxx/CVE-2021-23209.json
View File

@ -1,45 +1,12 @@
{
"CVE_data_meta": {
"ASSIGNER": "audit@patchstack.com",
"DATE_PUBLIC": "2021-12-15T10:11:00.000Z",
"ID": "CVE-2021-23209",
"STATE": "PUBLIC",
"TITLE": "WordPress AMP for WP \u2013 Accelerated Mobile Pages plugin <= 1.0.77.32 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AMP for WP \u2013 Accelerated Mobile Pages (WordPress plugin)",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "<= 1.0.77.32",
"version_value": "1.0.77.32"
}
]
}
}
]
},
"vendor_name": "Ahmed Kaludi, Mohammed Kaludi"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Vulnerability discovered by Ex.Mi (Patchstack)."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-23209",
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
@ -48,58 +15,109 @@
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
"value": "CWE-79 Cross-site Scripting (XSS)",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ahmed Kaludi, Mohammed Kaludi",
"product": {
"product_data": [
{
"product_name": "AMP for WP \u2013 Accelerated Mobile Pages (WordPress plugin)",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "1.0.77.33",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.0.77.32",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/accelerated-mobile-pages/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/accelerated-mobile-pages/#developers"
},
{
"name": "https://patchstack.com/database/vulnerability/accelerated-mobile-pages/wordpress-amp-for-wp-accelerated-mobile-pages-plugin-1-0-77-32-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities",
"refsource": "CONFIRM",
"url": "https://patchstack.com/database/vulnerability/accelerated-mobile-pages/wordpress-amp-for-wp-accelerated-mobile-pages-plugin-1-0-77-32-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities"
"url": "https://patchstack.com/database/vulnerability/accelerated-mobile-pages/wordpress-amp-for-wp-accelerated-mobile-pages-plugin-1-0-77-32-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/vulnerability/accelerated-mobile-pages/wordpress-amp-for-wp-accelerated-mobile-pages-plugin-1-0-77-32-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities?_s_id=cve"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update to 1.0.77.33 or higher version."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Update to 1.0.77.33 or higher version.</p>"
}
],
"value": "Update to 1.0.77.33 or higher version.\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "FearZzZz (Patchstack Alliance)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}
}