admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 05:35:19 +00:00
parent 700ca368eb
commit 158eaa9c47
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
58 changed files with 4044 additions and 4044 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

190
2006/5xxx/CVE-2006-5034.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5034", "ID": "CVE-2006-5034",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060911 vCAP calendar server Multiple vulnerabilities", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0187.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the URI."
{ }
"name" : "http://www.morx.org/vcap.txt", ]
"refsource" : "MISC", },
"url" : "http://www.morx.org/vcap.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "19958", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19958" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-3569", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/3569" ]
}, },
{ "references": {
"name" : "28808", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/28808" "name": "vcap-request-directory-traversal(28873)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28873"
"name" : "1016822", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016822" "name": "http://www.morx.org/vcap.txt",
}, "refsource": "MISC",
{ "url": "http://www.morx.org/vcap.txt"
"name" : "21862", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21862" "name": "21862",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21862"
"name" : "vcap-request-directory-traversal(28873)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28873" "name": "ADV-2006-3569",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/3569"
} },
} {
"name": "20060911 vCAP calendar server Multiple vulnerabilities",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0187.html"
},
{
"name": "28808",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28808"
},
{
"name": "1016822",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016822"
},
{
"name": "19958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19958"
}
]
}
}

160
2006/5xxx/CVE-2006-5622.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5622", "ID": "CVE-2006-5622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote attackers to execute arbitrary SQL commands via the aid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2660", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2660" "lang": "eng",
}, "value": "SQL injection vulnerability in picmgr.php in Coppermine Photo Gallery 1.4.9 allows remote attackers to execute arbitrary SQL commands via the aid parameter."
{ }
"name" : "http://coppermine-gallery.net/forum/index.php?topic=37895.0", ]
"refsource" : "CONFIRM", },
"url" : "http://coppermine-gallery.net/forum/index.php?topic=37895.0" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20774", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20774" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4226", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4226" ]
}, },
{ "references": {
"name" : "22625", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22625" "name": "http://coppermine-gallery.net/forum/index.php?topic=37895.0",
} "refsource": "CONFIRM",
] "url": "http://coppermine-gallery.net/forum/index.php?topic=37895.0"
} },
} {
"name": "ADV-2006-4226",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4226"
},
{
"name": "20774",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20774"
},
{
"name": "2660",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2660"
},
{
"name": "22625",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22625"
}
]
}
}

190
2006/5xxx/CVE-2006-5984.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5984", "ID": "CVE-2006-5984",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) txtCompanyName, (2) txtEmail, or (3) txtUserAccNum parameter to (a) users.asp, or the (4) setThemeColour parameter to (b) default.asp in the Reseller and Admin levels; or the (5) setThemeColour parameter to default.asp in the User level. NOTE: the txtDomainName parameter to domains.asp is covered by CVE-2006-1407, which suggests that this vector is fixed in 3.2.10 stable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061114 Helm Cross-Site Scripting (XSS)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/451737/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) txtCompanyName, (2) txtEmail, or (3) txtUserAccNum parameter to (a) users.asp, or the (4) setThemeColour parameter to (b) default.asp in the Reseller and Admin levels; or the (5) setThemeColour parameter to default.asp in the User level. NOTE: the txtDomainName parameter to domains.asp is covered by CVE-2006-1407, which suggests that this vector is fixed in 3.2.10 stable."
{ }
"name" : "20061116 Helm Cross Site Scripting", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/451848/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://aria-security.net/advisory/helm.txt", "description": [
"refsource" : "MISC", {
"url" : "http://aria-security.net/advisory/helm.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2006-4557", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2006/4557" ]
}, },
{ "references": {
"name" : "1017240", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017240" "name": "20061114 Helm Cross-Site Scripting (XSS)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/451737/100/0/threaded"
"name" : "22916", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22916" "name": "http://aria-security.net/advisory/helm.txt",
}, "refsource": "MISC",
{ "url": "http://aria-security.net/advisory/helm.txt"
"name" : "1884", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1884" "name": "ADV-2006-4557",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4557"
"name" : "helm-domainsusersdefaault-xss(30309)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30309" "name": "22916",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/22916"
} },
} {
"name": "1884",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1884"
},
{
"name": "1017240",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017240"
},
{
"name": "helm-domainsusersdefaault-xss(30309)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30309"
},
{
"name": "20061116 Helm Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451848/100/200/threaded"
}
]
}
}

120
2007/2xxx/CVE-2007-2065.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2065", "ID": "CVE-2007-2065",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG_DATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20788", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/20788" "lang": "eng",
} "value": "PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG_DATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20788"
}
]
}
}

180
2007/2xxx/CVE-2007-2335.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2335", "ID": "CVE-2007-2335",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the RSS feed reader functionality in Lunascape 4.1.3 build2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the RSS feed reader functionality in Lunascape 4.1.3 build2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#36628264", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/jp/JVN%2336628264/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23665", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23665" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1538", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1538" ]
}, },
{ "references": {
"name" : "35364", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35364" "name": "35364",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/35364"
"name" : "25000", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25000" "name": "ADV-2007-1538",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1538"
"name" : "lunascape-rssfeed-xss(34074)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34074" "name": "23665",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23665"
} },
} {
"name": "JVN#36628264",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2336628264/index.html"
},
{
"name": "lunascape-rssfeed-xss(34074)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34074"
},
{
"name": "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0",
"refsource": "CONFIRM",
"url": "http://lunapedia.lunascape.jp/index.php?title=Lunascape_4#2007.2F04.2F25_ver_4.2.0"
},
{
"name": "25000",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25000"
}
]
}
}

210
2007/2xxx/CVE-2007-2338.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2338", "ID": "CVE-2007-2338",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers to perform unauthorized banlist deletions as an administrator via the delete parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070419 [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/466286/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers to perform unauthorized banlist deletions as an administrator via the delete parameter."
{ }
"name" : "http://www.waraxe.us/advisory-49.html", ]
"refsource" : "MISC", },
"url" : "http://www.waraxe.us/advisory-49.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.phorum.org/story.php?76", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.phorum.org/story.php?76" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23616", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23616" ]
}, },
{ "references": {
"name" : "ADV-2007-1479", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1479" "name": "http://www.waraxe.us/advisory-49.html",
}, "refsource": "MISC",
{ "url": "http://www.waraxe.us/advisory-49.html"
"name" : "35061", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35061" "name": "http://www.phorum.org/story.php?76",
}, "refsource": "CONFIRM",
{ "url": "http://www.phorum.org/story.php?76"
"name" : "1017936", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017936" "name": "1017936",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017936"
"name" : "24932", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24932" "name": "phorum-banlist-csrf(34078)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34078"
"name" : "2617", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2617" "name": "ADV-2007-1479",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1479"
"name" : "phorum-banlist-csrf(34078)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34078" "name": "24932",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24932"
} },
} {
"name": "20070419 [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466286/100/0/threaded"
},
{
"name": "2617",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2617"
},
{
"name": "23616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23616"
},
{
"name": "35061",
"refsource": "OSVDB",
"url": "http://osvdb.org/35061"
}
]
}
}

160
2007/2xxx/CVE-2007-2536.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2536", "ID": "CVE-2007-2536",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070504 Multiple vendors ZOO file decompression infinite loop DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/467646/100/0/threaded" "lang": "eng",
}, "value": "PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."
{ }
"name" : "23823", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23823" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "41751", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41751" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2680", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2680" ]
}, },
{ "references": {
"name" : "multiple-vendor-zoo-dos(34080)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080" "name": "multiple-vendor-zoo-dos(34080)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"
} },
} {
"name": "41751",
"refsource": "OSVDB",
"url": "http://osvdb.org/41751"
},
{
"name": "23823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23823"
},
{
"name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded"
},
{
"name": "2680",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2680"
}
]
}
}

160
2007/2xxx/CVE-2007-2603.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2603", "ID": "CVE-2007-2603",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Init function in the Audio CD Ripper OCX (AudioCDRipperOCX.ocx) 1.0 ActiveX control allows remote attackers to cause a denial of service (NULL dereference and Internet Explorer crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070509 Multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/468070/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in the Init function in the Audio CD Ripper OCX (AudioCDRipperOCX.ocx) 1.0 ActiveX control allows remote attackers to cause a denial of service (NULL dereference and Internet Explorer crash) via unspecified vectors."
{ }
"name" : "23900", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23900" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36216", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36216" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2708", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2708" ]
}, },
{ "references": {
"name" : "audio-audiocdripperocx-dos(34206)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34206" "name": "20070509 Multiple vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/468070/100/0/threaded"
} },
} {
"name": "audio-audiocdripperocx-dos(34206)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34206"
},
{
"name": "2708",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2708"
},
{
"name": "23900",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23900"
},
{
"name": "36216",
"refsource": "OSVDB",
"url": "http://osvdb.org/36216"
}
]
}
}

180
2007/3xxx/CVE-2007-3101.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-3101", "ID": "CVE-2007-3101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070614 Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=544" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client."
{ }
"name" : "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272", ]
"refsource" : "CONFIRM", },
"url" : "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24480", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24480" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36377", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36377" ]
}, },
{ "references": {
"name" : "ADV-2007-2212", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2212" "name": "25618",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25618"
"name" : "25618", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25618" "name": "myfaces-autoscroll-xss(34872)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34872"
"name" : "myfaces-autoscroll-xss(34872)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34872" "name": "20070614 Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability",
} "refsource": "IDEFENSE",
] "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=544"
} },
} {
"name": "36377",
"refsource": "OSVDB",
"url": "http://osvdb.org/36377"
},
{
"name": "24480",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24480"
},
{
"name": "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272",
"refsource": "CONFIRM",
"url": "http://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12312536&styleName=Text&projectId=12310272"
},
{
"name": "ADV-2007-2212",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2212"
}
]
}
}

460
2007/3xxx/CVE-2007-3998.json
View File

@ -1,232 +1,232 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3998", "ID": "CVE-2007-3998",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, \"\"' argument set."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://secweb.se/en/advisories/php-wordwrap-vulnerability/", "description_data": [
"refsource" : "MISC", {
"url" : "http://secweb.se/en/advisories/php-wordwrap-vulnerability/" "lang": "eng",
}, "value": "The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, \"\"' argument set."
{ }
"name" : "http://www.php.net/ChangeLog-5.php#5.2.4", ]
"refsource" : "CONFIRM", },
"url" : "http://www.php.net/ChangeLog-5.php#5.2.4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.php.net/releases/5_2_4.php", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/releases/5_2_4.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.rpath.com/browse/RPL-1702", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.rpath.com/browse/RPL-1702" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-1693", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1693" "name": "30288",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30288"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" "name": "26822",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26822"
"name" : "https://launchpad.net/bugs/173043", },
"refsource" : "CONFIRM", {
"url" : "https://launchpad.net/bugs/173043" "name": "https://launchpad.net/bugs/173043",
}, "refsource": "CONFIRM",
{ "url": "https://launchpad.net/bugs/173043"
"name" : "DSA-1444", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1444" "name": "oval:org.mitre.oval:def:10603",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603"
"name" : "DSA-1578", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1578" "name": "SUSE-SA:2008:004",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
"name" : "FEDORA-2007-709", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" "name": "28658",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28658"
"name" : "GLSA-200710-02", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" "name": "FEDORA-2007-709",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
"name" : "MDKSA-2007:187", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" "name": "26967",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26967"
"name" : "RHSA-2007:0890", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html" "name": "DSA-1444",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1444"
"name" : "RHSA-2007:0889", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html" "name": "GLSA-200710-02",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
"name" : "RHSA-2007:0891", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html" "name": "27864",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27864"
"name" : "SUSE-SA:2008:004", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" "name": "http://www.php.net/ChangeLog-5.php#5.2.4",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
"name" : "2007-0026", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2007/0026/" "name": "26930",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26930"
"name" : "USN-549-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/549-1/" "name": "2007-0026",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2007/0026/"
"name" : "USN-549-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-549-2" "name": "RHSA-2007:0889",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
"name" : "oval:org.mitre.oval:def:10603", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10603" "name": "USN-549-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/549-1/"
"name" : "ADV-2007-3023", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3023" "name": "https://issues.rpath.com/browse/RPL-1693",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1693"
"name" : "26642", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26642" "name": "28249",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28249"
"name" : "26822", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26822" "name": "DSA-1578",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1578"
"name" : "26838", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26838" "name": "https://issues.rpath.com/browse/RPL-1702",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1702"
"name" : "26930", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26930" "name": "27545",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27545"
"name" : "26871", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26871" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
"name" : "26895", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26895" "name": "26838",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26838"
"name" : "26967", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26967" "name": "http://secweb.se/en/advisories/php-wordwrap-vulnerability/",
}, "refsource": "MISC",
{ "url": "http://secweb.se/en/advisories/php-wordwrap-vulnerability/"
"name" : "27377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27377" "name": "27377",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27377"
"name" : "27545", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27545" "name": "MDKSA-2007:187",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
"name" : "27102", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27102" "name": "27102",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27102"
"name" : "27864", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27864" "name": "ADV-2007-3023",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3023"
"name" : "28249", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28249" "name": "http://www.php.net/releases/5_2_4.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/releases/5_2_4.php"
"name" : "28658", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28658" "name": "26895",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26895"
"name" : "30288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30288" "name": "USN-549-2",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/usn-549-2"
} },
} {
"name": "RHSA-2007:0890",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"name": "RHSA-2007:0891",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"name": "26871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26871"
},
{
"name": "26642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26642"
}
]
}
}

330
2007/6xxx/CVE-2007-6019.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2007-6019", "ID": "CVE-2007-6019",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080408 ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490623/100/0/threaded" "lang": "eng",
}, "value": "Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly."
{ }
"name" : "20080414 Secunia Research: Adobe Flash Player \"Declare Function (V7)\" HeapOverflow", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/490824/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-08-021", "description": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-08-021" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.adobe.com/support/security/bulletins/apsb08-11.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.adobe.com/support/security/bulletins/apsb08-11.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2008-05-28", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html" "name": "29865",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29865"
"name" : "GLSA-200804-21", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml" "name": "oval:org.mitre.oval:def:10160",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10160"
"name" : "RHSA-2008:0221", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0221.html" "name": "30507",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30507"
"name" : "238305", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1" "name": "1019810",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1019810"
"name" : "SUSE-SA:2008:022", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html" "name": "http://www.adobe.com/support/security/bulletins/apsb08-11.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.adobe.com/support/security/bulletins/apsb08-11.html"
"name" : "TA08-100A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-100A.html" "name": "ADV-2008-1724",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1724/references"
"name" : "TA08-150A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-150A.html" "name": "adobe-flash-declarefunction2-bo(41717)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41717"
"name" : "28694", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28694" "name": "RHSA-2008:0221",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0221.html"
"name" : "oval:org.mitre.oval:def:10160", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10160" "name": "3805",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3805"
"name" : "ADV-2008-1697", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1697" "name": "TA08-150A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"
"name" : "ADV-2008-1724", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1724/references" "name": "30430",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30430"
"name" : "1019810", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019810" "name": "APPLE-SA-2008-05-28",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"
"name" : "29763", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29763" "name": "SUSE-SA:2008:022",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html"
"name" : "29865", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29865" "name": "20080414 Secunia Research: Adobe Flash Player \"Declare Function (V7)\" HeapOverflow",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490824/100/0/threaded"
"name" : "30430", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30430" "name": "29763",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29763"
"name" : "30507", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30507" "name": "238305",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1"
"name" : "3805", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3805" "name": "20080408 ZDI-08-021: Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490623/100/0/threaded"
"name" : "adobe-flash-declarefunction2-bo(41717)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41717" "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-021",
} "refsource": "MISC",
] "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-021"
} },
} {
"name": "GLSA-200804-21",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml"
},
{
"name": "ADV-2008-1697",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1697"
},
{
"name": "28694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28694"
},
{
"name": "TA08-100A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-100A.html"
}
]
}
}

130
2010/0xxx/CVE-2010-0603.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2010-0603", "ID": "CVE-2010-0603",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100512 Multiple Vulnerabilities in Cisco PGW Softswitch", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c519.shtml" "lang": "eng",
}, "value": "The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030."
{ }
"name" : "40121", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/40121" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40121"
},
{
"name": "20100512 Multiple Vulnerabilities in Cisco PGW Softswitch",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c519.shtml"
}
]
}
}

150
2010/0xxx/CVE-2010-0719.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0719", "ID": "CVE-2010-0719",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/" "lang": "eng",
}, "value": "An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application."
{ }
"name" : "62660", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/62660" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1023656", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1023656" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ms-win-api-dos(56591)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56591" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ms-win-api-dos(56591)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56591"
},
{
"name": "1023656",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023656"
},
{
"name": "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/",
"refsource": "MISC",
"url": "http://www.scmagazineus.com/malta-researchers-find-windows-bug-that-crashes-pcs/article/164439/"
},
{
"name": "62660",
"refsource": "OSVDB",
"url": "http://osvdb.org/62660"
}
]
}
}

170
2010/1xxx/CVE-2010-1253.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2010-1253", "ID": "CVE-2010-1253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a \"user-controlled pointer,\" aka \"Excel ADO Object Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20100608 ZDI-10-103: Microsoft Office Excel DBQueryExt Record Unspecified ADO Object Remote Code Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/511728/100/0/threaded" "lang": "eng",
}, "value": "Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a \"user-controlled pointer,\" aka \"Excel ADO Object Vulnerability.\""
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-10-103", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-10-103" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS10-038", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA10-159B", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" ]
}, },
{ "references": {
"name" : "65228", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/65228" "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-103",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-103"
"name" : "oval:org.mitre.oval:def:6842", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6842" "name": "oval:org.mitre.oval:def:6842",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6842"
} },
} {
"name": "MS10-038",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038"
},
{
"name": "65228",
"refsource": "OSVDB",
"url": "http://osvdb.org/65228"
},
{
"name": "TA10-159B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html"
},
{
"name": "20100608 ZDI-10-103: Microsoft Office Excel DBQueryExt Record Unspecified ADO Object Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/511728/100/0/threaded"
}
]
}
}

210
2010/1xxx/CVE-2010-1446.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-1446", "ID": "CVE-2010-1446",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[linux-kernel] 20100510 [071/117] kgdb: dont needlessly skip PAGE_USER test for Fsl booke", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lkml.org/lkml/2010/5/10/458" "lang": "eng",
}, "value": "arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke."
{ }
"name" : "[oss-security] 20100429 CVE request - Linux Kernel KGDB/ppc issue", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2010/04/29/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20100429 Re: CVE request - Linux Kernel KGDB/ppc issue", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2010/04/29/9" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20100430 Re: CVE request - Linux Kernel KGDB/ppc issue", ]
"refsource" : "MLIST", }
"url" : "http://www.openwall.com/lists/oss-security/2010/04/30/1" ]
}, },
{ "references": {
"name" : "DSA-2053", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2010/dsa-2053" "name": "SUSE-SA:2010:031",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html"
"name" : "SUSE-SA:2010:031", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-07/msg00006.html" "name": "kernel-kgdb-memory-overwrite(58840)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58840"
"name" : "39830", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/39830" "name": "[oss-security] 20100430 Re: CVE request - Linux Kernel KGDB/ppc issue",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/04/30/1"
"name" : "40645", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40645" "name": "40645",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40645"
"name" : "ADV-2010-1857", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1857" "name": "[oss-security] 20100429 Re: CVE request - Linux Kernel KGDB/ppc issue",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2010/04/29/9"
"name" : "kernel-kgdb-memory-overwrite(58840)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58840" "name": "[linux-kernel] 20100510 [071/117] kgdb: dont needlessly skip PAGE_USER test for Fsl booke",
} "refsource": "MLIST",
] "url": "http://lkml.org/lkml/2010/5/10/458"
} },
} {
"name": "DSA-2053",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2053"
},
{
"name": "39830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39830"
},
{
"name": "[oss-security] 20100429 CVE request - Linux Kernel KGDB/ppc issue",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/04/29/3"
},
{
"name": "ADV-2010-1857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1857"
}
]
}
}

160
2010/5xxx/CVE-2010-5015.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5015", "ID": "CVE-2010-5015",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt" "lang": "eng",
}, "value": "SQL injection vulnerability in view_photo.php in 2daybiz Network Community Script allows remote attackers to execute arbitrary SQL commands via the alb parameter."
{ }
"name" : "40913", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/40913" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40247", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40247" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "8511", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/8511" ]
}, },
{ "references": {
"name" : "networkcomm-viewphoto-sql-injection(59496)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59496" "name": "networkcomm-viewphoto-sql-injection(59496)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59496"
} },
} {
"name": "8511",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8511"
},
{
"name": "40913",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40913"
},
{
"name": "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt",
"refsource": "MISC",
"url": "http://www.packetstormsecurity.com/1006-exploits/2daybiz-sqlxss.txt"
},
{
"name": "40247",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40247"
}
]
}
}

34
2014/0xxx/CVE-2014-0242.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-0242", "ID": "CVE-2014-0242",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

220
2014/0xxx/CVE-2014-0455.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-0455", "ID": "CVE-2014-0455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.ibm.com/support/docview.wss?uid=swg21675973", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.ibm.com/support/docview.wss?uid=swg21675973" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201502-12", ]
"refsource" : "GENTOO", }
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" ]
}, },
{ "references": {
"name" : "HPSBUX03091", "reference_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" "name": "USN-2187-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2187-1"
"name" : "SSRT101667", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" "name": "RHSA-2014:0675",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html"
"name" : "RHSA-2014:0675", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0675.html" "name": "https://www.ibm.com/support/docview.wss?uid=swg21675973",
}, "refsource": "CONFIRM",
{ "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973"
"name" : "RHSA-2014:0413", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2014:0413" "name": "HPSBUX03091",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
"name" : "USN-2187-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2187-1" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"
"name" : "66899", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/66899" "name": "RHSA-2014:0413",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2014:0413"
"name" : "58974", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/58974" "name": "SSRT101667",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"
} },
} {
"name": "58974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58974"
},
{
"name": "66899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66899"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"
},
{
"name": "GLSA-201502-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}
]
}
}

150
2014/0xxx/CVE-2014-0610.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-0610", "ID": "CVE-2014-0610",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.novell.com/support/kb/doc.php?id=7015565", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/kb/doc.php?id=7015565" "lang": "eng",
}, "value": "The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors."
{ }
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=874533", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=874533" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030802", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030802" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "novell-groupwise-cve20140610-code-exec(95738)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95738" ]
} },
] "references": {
} "reference_data": [
} {
"name": "novell-groupwise-cve20140610-code-exec(95738)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95738"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015565",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015565"
},
{
"name": "1030802",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030802"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=874533",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=874533"
}
]
}
}

190
2014/0xxx/CVE-2014-0659.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-0659", "ID": "CVE-2014-0659",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/elvanderb/TCP-32764", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/elvanderb/TCP-32764" "lang": "eng",
}, "value": "The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685."
{ }
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381", ]
"refsource" : "CONFIRM", },
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20140110 Undocumented Test Interface in Cisco Small Business Devices", "description": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "64776", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/64776" ]
}, },
{ "references": {
"name" : "1029579", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029579" "name": "56292",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/56292"
"name" : "1029580", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029580" "name": "20140110 Undocumented Test Interface in Cisco Small Business Devices",
}, "refsource": "CISCO",
{ "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd"
"name" : "56292", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56292" "name": "cisco-small-cve20140659-priv-esc(90233)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90233"
"name" : "cisco-small-cve20140659-priv-esc(90233)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90233" "name": "64776",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/64776"
} },
} {
"name": "1029580",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029580"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32381"
},
{
"name": "1029579",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029579"
},
{
"name": "https://github.com/elvanderb/TCP-32764",
"refsource": "MISC",
"url": "https://github.com/elvanderb/TCP-32764"
}
]
}
}

180
2014/0xxx/CVE-2014-0666.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-0666", "ID": "CVE-2014-0666",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451" "lang": "eng",
}, "value": "Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056."
{ }
"name" : "20140115 Cisco Jabber for Windows Remote Code Execution Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "64965", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/64965" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "102122", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/102122" ]
}, },
{ "references": {
"name" : "1029635", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029635" "name": "1029635",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1029635"
"name" : "56331", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56331" "name": "20140115 Cisco Jabber for Windows Remote Code Execution Vulnerability",
}, "refsource": "CISCO",
{ "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666"
"name" : "cisco-jabber-cve20140666-code-exec(90435)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90435" "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451",
} "refsource": "CONFIRM",
] "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32451"
} },
} {
"name": "56331",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56331"
},
{
"name": "64965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64965"
},
{
"name": "cisco-jabber-cve20140666-code-exec(90435)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90435"
},
{
"name": "102122",
"refsource": "OSVDB",
"url": "http://osvdb.org/102122"
}
]
}
}

120
2014/0xxx/CVE-2014-0708.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-0708", "ID": "CVE-2014-0708",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) a browser's history, aka Bug ID CSCul98272."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140318 Cisco WebEx Business Suite HTTP GET Parameters Include Sensitive Information", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0708" "lang": "eng",
} "value": "WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) a browser's history, aka Bug ID CSCul98272."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140318 Cisco WebEx Business Suite HTTP GET Parameters Include Sensitive Information",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0708"
}
]
}
}

180
2014/0xxx/CVE-2014-0894.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-0894", "ID": "CVE-2014-0894",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/532598/100/0/threaded" "lang": "eng",
}, "value": "RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document."
{ }
"name" : "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Jun/173" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt", "description": [
"refsource" : "MISC", {
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html" ]
}, },
{ "references": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21675881" "name": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html"
"name" : "59296", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59296" "name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/532598/100/0/threaded"
"name" : "ibm-aclm-cve20140894-database-pw(91313)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91313" "name": "59296",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/59296"
} },
} {
"name": "ibm-aclm-cve20140894-database-pw(91313)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91313"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21675881"
},
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt"
},
{
"name": "20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jun/173"
}
]
}
}

120
2014/1xxx/CVE-2014-1261.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1261", "ID": "CVE-2014-1261",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6150", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6150" "lang": "eng",
} "value": "Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Unicode font."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT6150",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6150"
}
]
}
}

160
2014/1xxx/CVE-2014-1506.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2014-1506", "ID": "CVE-2014-1506",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140326 Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments."
{ }
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944374", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944374" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" ]
}, },
{ "references": {
"name" : "66420", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/66420" "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html",
} "refsource": "CONFIRM",
] "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-24.html"
} },
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944374",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944374"
},
{
"name": "20140326 Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "66420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66420"
}
]
}
}

190
2014/1xxx/CVE-2014-1690.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-1690", "ID": "CVE-2014-1690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140128 Re: CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/01/28/3" "lang": "eng",
}, "value": "The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature."
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1058748", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1058748" ]
}, },
{ "references": {
"name" : "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886" "name": "USN-2137-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2137-1"
"name" : "USN-2137-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2137-1" "name": "USN-2140-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2140-1"
"name" : "USN-2140-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2140-1" "name": "USN-2158-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2158-1"
"name" : "USN-2158-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2158-1" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8",
} "refsource": "CONFIRM",
] "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.8"
} },
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058748"
},
{
"name": "[oss-security] 20140128 Re: CVE request Linux kernel: netfilter: nf_nat: leakage of uninitialized buffer in IRC NAT helper",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/01/28/3"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2690d97ade05c5325cbf7c72b94b90d265659886"
},
{
"name": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/2690d97ade05c5325cbf7c72b94b90d265659886"
}
]
}
}

34
2014/1xxx/CVE-2014-1954.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1954", "ID": "CVE-2014-1954",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2014/4xxx/CVE-2014-4506.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4506", "ID": "CVE-2014-4506",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the \"administer custom meta settings\" permission to inject arbitrary web script or HTML via the (1) attribute or (2) content value for a meta tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/node/2288429", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2288429" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Custom Meta module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote authenticated users with the \"administer custom meta settings\" permission to inject arbitrary web script or HTML via the (1) attribute or (2) content value for a meta tag."
{ }
"name" : "https://www.drupal.org/node/2288415", ]
"refsource" : "CONFIRM", },
"url" : "https://www.drupal.org/node/2288415" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2288417", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2288417" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "68108", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/68108" ]
}, },
{ "references": {
"name" : "59367", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59367" "name": "https://www.drupal.org/node/2288417",
} "refsource": "CONFIRM",
] "url": "https://www.drupal.org/node/2288417"
} },
} {
"name": "59367",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59367"
},
{
"name": "https://www.drupal.org/node/2288415",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2288415"
},
{
"name": "https://www.drupal.org/node/2288429",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2288429"
},
{
"name": "68108",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68108"
}
]
}
}

120
2014/4xxx/CVE-2014-4541.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4541", "ID": "CVE-2014-4541",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in shortcode-generator/preview-shortcode-external.php in the OMFG Mobile Pro plugin 1.1.26 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss", "description_data": [
"refsource" : "MISC", {
"url" : "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in shortcode-generator/preview-shortcode-external.php in the OMFG Mobile Pro plugin 1.1.26 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the shortcode parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss",
"refsource": "MISC",
"url": "http://codevigilant.com/disclosure/wp-plugin-omfg-mobile-a3-cross-site-scripting-xss"
}
]
}
}

150
2014/4xxx/CVE-2014-4792.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-4792", "ID": "CVE-2014-4792",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681998", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681998" "lang": "eng",
}, "value": "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files."
{ }
"name" : "PI23334", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI23334" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "61204", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/61204" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ibm-wsportal-cve20144792-upload(95204)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95204" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ibm-wsportal-cve20144792-upload(95204)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95204"
},
{
"name": "61204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61204"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681998",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681998"
},
{
"name": "PI23334",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI23334"
}
]
}
}

170
2014/5xxx/CVE-2014-5242.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5242", "ID": "CVE-2014-5242",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2014/08/14/5" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value."
{ }
"name" : "[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2", ]
"refsource" : "MLIST", },
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://advisories.mageia.org/MGASA-2014-0309.html", ]
"refsource" : "CONFIRM", }
"url" : "http://advisories.mageia.org/MGASA-2014-0309.html" ]
}, },
{ "references": {
"name" : "MDVSA-2014:153", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:153" "name": "[MediaWiki-announce] 20140730 MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2",
}, "refsource": "MLIST",
{ "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2014-July/000157.html"
"name" : "69135", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/69135" "name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=66608"
} },
} {
"name": "MDVSA-2014:153",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:153"
},
{
"name": "69135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69135"
},
{
"name": "[oss-security] 20140814 Re: Possible CVE Request: MediaWiki Security and Maintenance Releases: 1.19.18, 1.22.9 and 1.23.2",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/08/14/5"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0309.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0309.html"
}
]
}
}

140
2014/5xxx/CVE-2014-5330.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2014-5330", "ID": "CVE-2014-5330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in BirdBlog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "JVN#87373393", "description_data": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN87373393/index.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in BirdBlog allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVNDB-2014-000121", ]
"refsource" : "JVNDB", },
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000121" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "70610", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/70610" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "70610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70610"
},
{
"name": "JVNDB-2014-000121",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000121"
},
{
"name": "JVN#87373393",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN87373393/index.html"
}
]
}
}

34
2014/5xxx/CVE-2014-5495.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5495", "ID": "CVE-2014-5495",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/5xxx/CVE-2014-5838.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5838", "ID": "CVE-2014-5838",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Girls Games - Shoes Maker (aka com.g6677.android.shoemaker) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Girls Games - Shoes Maker (aka com.g6677.android.shoemaker) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#442665", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/442665" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#442665",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/442665"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

150
2015/2xxx/CVE-2015-2433.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2433", "ID": "CVE-2015-2433",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka \"Kernel ASLR Bypass Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38222", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38222/" "lang": "eng",
}, "value": "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka \"Kernel ASLR Bypass Vulnerability.\""
{ }
"name" : "MS15-080", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76213", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76213" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033238", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033238" ]
} },
] "references": {
} "reference_data": [
} {
"name": "MS15-080",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080"
},
{
"name": "76213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76213"
},
{
"name": "1033238",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033238"
},
{
"name": "38222",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38222/"
}
]
}
}

160
2016/10xxx/CVE-2016-10248.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10248", "ID": "CVE-2016-10248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/", "description_data": [
"refsource" : "MISC", {
"url" : "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/" "lang": "eng",
}, "value": "The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence."
{ }
"name" : "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2017:1208", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1208" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-3693-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3693-1/" ]
}, },
{ "references": {
"name" : "93797", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93797" "name": "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/",
} "refsource": "MISC",
] "url": "https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/"
} },
} {
"name": "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd",
"refsource": "CONFIRM",
"url": "https://github.com/mdadams/jasper/commit/2e82fa00466ae525339754bb3ab0a0474a31d4bd"
},
{
"name": "RHSA-2017:1208",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1208"
},
{
"name": "93797",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93797"
},
{
"name": "USN-3693-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3693-1/"
}
]
}
}

140
2016/10xxx/CVE-2016-10342.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2016-10342", "ID": "CVE-2016-10342",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm products", "product_name": "All Qualcomm products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input in TrustZone"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-06-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-06-01" "lang": "eng",
}, "value": "In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler."
{ }
"name" : "98874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038623", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038623" "lang": "eng",
} "value": "Buffer Copy without Checking Size of Input in TrustZone"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-06-01"
},
{
"name": "98874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98874"
},
{
"name": "1038623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038623"
}
]
}
}

132
2016/10xxx/CVE-2016-10438.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2016-10438", "ID": "CVE-2016-10438",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear", "product_name": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SDX20" "version_value": "FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SDX20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information exposure vulnerability in various HLOS modules"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information exposure vulnerability in various HLOS modules"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

122
2016/10xxx/CVE-2016-10539.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10539", "ID": "CVE-2016-10539",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "negotiator node module", "product_name": "negotiator node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<= 0.6.0" "version_value": "<= 0.6.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for \"Accept-Language\", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service (CWE-400)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/106", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/106" "lang": "eng",
} "value": "negotiator is an HTTP content negotiator for Node.js and is used by many modules and frameworks including Express and Koa. The header for \"Accept-Language\", when parsed by negotiator 0.6.0 and earlier is vulnerable to Regular Expression Denial of Service via a specially crafted string."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/106",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/106"
}
]
}
}

34
2016/3xxx/CVE-2016-3789.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-3789", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-3789",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

140
2016/8xxx/CVE-2016-8429.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-8429", "ID": "CVE-2016-8429",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. References: N-CVE-2016-8429."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-01-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-01-01.html" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. References: N-CVE-2016-8429."
{ }
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", ]
"refsource" : "CONFIRM", },
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "95231", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95231" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name": "95231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95231"
},
{
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
}
]
}
}

130
2016/8xxx/CVE-2016-8469.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-8469", "ID": "CVE-2016-8469",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31351206. References: N-CVE-2016-8469."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-01-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-01-01.html" "lang": "eng",
}, "value": "An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31351206. References: N-CVE-2016-8469."
{ }
"name" : "95246", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95246" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name": "95246",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95246"
}
]
}
}

166
2016/8xxx/CVE-2016-8477.json
View File

@ -1,85 +1,85 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-8477", "ID": "CVE-2016-8477",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
}, },
{ {
"version_value" : "Kernel-3.18" "version_value": "Kernel-3.18"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32720522. References: QC-CR#1090007."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-03-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-03-01" "lang": "eng",
}, "value": "An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32720522. References: QC-CR#1090007."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb", "description": [
"refsource" : "CONFIRM", {
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb" "lang": "eng",
}, "value": "Information disclosure"
{ }
"name" : "96749", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/96749" ]
}, },
{ "references": {
"name" : "1037968", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037968" "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508",
} "refsource": "CONFIRM",
] "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=33c9042e38506b04461fa99e304482bc20923508"
} },
} {
"name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01"
},
{
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
},
{
"name": "96749",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96749"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=96145eb5f0631f0e105d47abebc8f940f7621eeb"
}
]
}
}

34
2016/8xxx/CVE-2016-8552.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-8552", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-8552",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

246
2016/9xxx/CVE-2016-9066.json
View File

@ -1,125 +1,125 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-9066", "ID": "CVE-2016-9066",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.5" "version_value": "45.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.5" "version_value": "45.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "50" "version_value": "50"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer overflow leading to a buffer overflow in nsScriptLoadHandler"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686" "lang": "eng",
}, "value": "A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-90/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-90/" "lang": "eng",
}, "value": "Integer overflow leading to a buffer overflow in nsScriptLoadHandler"
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-93/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-93/" ]
}, },
{ "references": {
"name" : "DSA-3730", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2016/dsa-3730" "name": "DSA-3730",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2016/dsa-3730"
"name" : "GLSA-201701-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-15" "name": "1037298",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037298"
"name" : "RHSA-2016:2780", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2780.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1299686"
"name" : "94336", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94336" "name": "GLSA-201701-15",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-15"
"name" : "1037298", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037298" "name": "94336",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/94336"
} },
} {
"name": "https://www.mozilla.org/security/advisories/mfsa2016-93/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-93/"
},
{
"name": "RHSA-2016:2780",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-89/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-90/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-90/"
}
]
}
}

164
2016/9xxx/CVE-2016-9710.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-9710", "ID": "CVE-2016-9710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cognos Business Intelligence", "product_name": "Cognos Business Intelligence",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.1.1" "version_value": "10.1.1"
}, },
{ {
"version_value" : "10.2" "version_value": "10.2"
}, },
{ {
"version_value" : "10.2.1" "version_value": "10.2.1"
}, },
{ {
"version_value" : "10.2.1.1" "version_value": "10.2.1.1"
}, },
{ {
"version_value" : "10.2.2" "version_value": "10.2.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a file from the local system, which could allow the attacker to obtain sensitive information. IBM X-Force ID: 119618."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618" "lang": "eng",
}, "value": "IBM Predictive Solutions Foundation (formerly PMQ) could allow a remote attacker to include arbitrary files. A remote attacker could send a specially-crafted URL to specify a file from the local system, which could allow the attacker to obtain sensitive information. IBM X-Force ID: 119618."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22004036", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22004036" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98975", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98975" "lang": "eng",
} "value": "Obtain Information"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22004036",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004036"
},
{
"name": "98975",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98975"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119618"
}
]
}
}

162
2016/9xxx/CVE-2016-9728.json
View File

@ -1,83 +1,83 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-9728", "ID": "CVE-2016-9728",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "QRadar SIEM", "product_name": "QRadar SIEM",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.1 MR1" "version_value": "7.1 MR1"
}, },
{ {
"version_value" : "7.1" "version_value": "7.1"
}, },
{ {
"version_value" : "7.0" "version_value": "7.0"
}, },
{ {
"version_value" : "7.2" "version_value": "7.2"
}, },
{ {
"version_value" : "7.1 MR2" "version_value": "7.1 MR2"
}, },
{ {
"version_value" : "7" "version_value": "7"
}, },
{ {
"version_value" : "7.1 MR2" "version_value": "7.1 MR2"
}, },
{ {
"version_value" : "7.2.3" "version_value": "7.2.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM Reference #: 1999543."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21999543", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21999543" "lang": "eng",
} "value": "IBM Qradar 7.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM Reference #: 1999543."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21999543",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21999543"
}
]
}
}

220
2016/9xxx/CVE-2016-9959.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2016-9959", "ID": "CVE-2016-9959",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/12/15/11" "lang": "eng",
}, "value": "game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values."
{ }
"name" : "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html", ]
"refsource" : "MISC", },
"url" : "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bitbucket.org/mpyne/game-music-emu/wiki/Home", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bitbucket.org/mpyne/game-music-emu/wiki/Home" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2016-04383482b4", ]
"refsource" : "FEDORA", }
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/" ]
}, },
{ "references": {
"name" : "FEDORA-2016-fbf9f8b204", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/" "name": "SUSE-SA:2016:3250",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html"
"name" : "FEDORA-2017-3d771a1702", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/" "name": "FEDORA-2016-fbf9f8b204",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GGHAQI5Q2XDSPGRRKPJJM3A73VWAFSFL/"
"name" : "FEDORA-2017-5bf9a268df", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/" "name": "95305",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/95305"
"name" : "GLSA-201707-02", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201707-02" "name": "[oss-security] 20161215 Re: CVE Request: Game Music Emulators: incorrect emulation of the SPC700 audio co-processor of SNES: arbitrary code execution via malformed SPC music file",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/12/15/11"
"name" : "SUSE-SA:2016:3250", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00090.html" "name": "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html",
}, "refsource": "MISC",
{ "url": "https://scarybeastsecurity.blogspot.in/2016/12/redux-compromising-linux-using-snes.html"
"name" : "openSUSE-SA:2017:0022", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html" "name": "GLSA-201707-02",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201707-02"
"name" : "95305", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95305" "name": "FEDORA-2017-5bf9a268df",
} "refsource": "FEDORA",
] "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7Z2OVERYM6NW3FGVGTJUNSL5ZNFSH2S/"
} },
} {
"name": "https://bitbucket.org/mpyne/game-music-emu/wiki/Home",
"refsource": "CONFIRM",
"url": "https://bitbucket.org/mpyne/game-music-emu/wiki/Home"
},
{
"name": "FEDORA-2016-04383482b4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LKMKVYS7AVB2EXC463FUYN6C6FABHME/"
},
{
"name": "FEDORA-2017-3d771a1702",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFKIFSFIDXOKFUKAH2MBNXDTY6DYBF6/"
},
{
"name": "openSUSE-SA:2017:0022",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00005.html"
}
]
}
}

130
2016/9xxx/CVE-2016-9967.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9967", "ID": "CVE-2016-9967",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016" "lang": "eng",
}, "value": "Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121."
{ }
"name" : "94955", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94955" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94955"
},
{
"name": "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016",
"refsource": "CONFIRM",
"url": "http://security.samsungmobile.com/smrupdate.html#SMR-DEC-2016"
}
]
}
}

34
2019/2xxx/CVE-2019-2235.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2235", "ID": "CVE-2019-2235",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2284.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2284", "ID": "CVE-2019-2284",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2325.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2325", "ID": "CVE-2019-2325",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2670.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2670", "ID": "CVE-2019-2670",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6017.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6017", "ID": "CVE-2019-6017",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6079.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6079", "ID": "CVE-2019-6079",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6115.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6115", "ID": "CVE-2019-6115",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6376.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6376", "ID": "CVE-2019-6376",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7590.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7590", "ID": "CVE-2019-7590",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }