admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:02:08 +00:00
parent e53a88d9b6
commit 1bb87db024
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3431 additions and 3431 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

250
2007/0xxx/CVE-2007-0244.json
View File

@ -1,127 +1,127 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0244",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827"
},
{
"name" : "DSA-1288",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1288"
},
{
"name" : "GLSA-200705-18",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200705-18.xml"
},
{
"name" : "SUSE-SR:2007:010",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
},
{
"name" : "SUSE-SR:2007:019",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name" : "2007-0017",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0017/"
},
{
"name" : "USN-459-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-459-1"
},
{
"name" : "USN-459-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-459-2"
},
{
"name" : "23886",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23886"
},
{
"name" : "ADV-2007-1743",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1743"
},
{
"name" : "1018064",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018064"
},
{
"name" : "25220",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25220"
},
{
"name" : "25255",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25255"
},
{
"name" : "26987",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26987"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1743",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1743"
},
{
"name": "SUSE-SR:2007:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "1018064",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018064"
},
{
"name": "23886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23886"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=501476&group_id=44827"
},
{
"name": "2007-0017",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0017/"
},
{
"name": "26987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26987"
},
{
"name": "USN-459-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-459-1"
},
{
"name": "SUSE-SR:2007:010",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"
},
{
"name": "25255",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25255"
},
{
"name": "USN-459-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-459-2"
},
{
"name": "GLSA-200705-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200705-18.xml"
},
{
"name": "25220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25220"
},
{
"name": "DSA-1288",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1288"
}
]
}
}

250
2007/0xxx/CVE-2007-0734.json
View File

@ -1,127 +1,127 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0734",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0734",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://docs.info.apple.com/article.html?artnum=305366",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305366"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=305391",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name" : "APPLE-SA-2007-04-09",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html"
},
{
"name" : "APPLE-SA-2007-04-19",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name" : "TA07-109A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name" : "23396",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23396"
},
{
"name" : "23569",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23569"
},
{
"name" : "ADV-2007-1308",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1308"
},
{
"name" : "ADV-2007-1470",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1470"
},
{
"name" : "1017889",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017889"
},
{
"name" : "1017942",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017942"
},
{
"name" : "24830",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24830"
},
{
"name" : "24966",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24966"
},
{
"name" : "airportextreme-airportdisk-info-disclosure(33527)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33527"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fsck, as used by the AirPort Disk feature of the AirPort Extreme Base Station with 802.11n before Firmware Update 7.1, and by Apple Mac OS X 10.3.9 through 10.4.9, does not properly enforce password protection of a USB hard drive, which allows context-dependent attackers to list arbitrary directories or execute arbitrary code, resulting from memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24830",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24830"
},
{
"name": "24966",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24966"
},
{
"name": "23396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23396"
},
{
"name": "airportextreme-airportdisk-info-disclosure(33527)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33527"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305391"
},
{
"name": "ADV-2007-1308",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1308"
},
{
"name": "23569",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23569"
},
{
"name": "APPLE-SA-2007-04-09",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Apr/msg00000.html"
},
{
"name": "1017942",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017942"
},
{
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "1017889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017889"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305366",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305366"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
]
}
}

150
2007/0xxx/CVE-2007-0825.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0825",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3276",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3276"
},
{
"name" : "22433",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22433"
},
{
"name" : "35796",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35796"
},
{
"name" : "flashfxp-pwdcommand-dos(32416)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32416"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35796",
"refsource": "OSVDB",
"url": "http://osvdb.org/35796"
},
{
"name": "22433",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22433"
},
{
"name": "flashfxp-pwdcommand-dos(32416)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32416"
},
{
"name": "3276",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3276"
}
]
}
}

190
2007/3xxx/CVE-2007-3097.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3097",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070604 S21Sec-035: F5 FirePass command execution vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470444/100/0/threaded"
},
{
"name" : "http://www.s21sec.com/avisos/s21sec-035-en.txt",
"refsource" : "MISC",
"url" : "http://www.s21sec.com/avisos/s21sec-035-en.txt"
},
{
"name" : "24306",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24306"
},
{
"name" : "ADV-2007-2073",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2073"
},
{
"name" : "35246",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/35246"
},
{
"name" : "1018190",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018190"
},
{
"name" : "25563",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25563"
},
{
"name" : "firepass-myactivation-command-execution(34708)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34708"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "my.activation.php3 in F5 FirePass 4100 SSL VPN allows remote attackers to execute arbitrary shell commands via shell metacharacters in the username parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018190",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018190"
},
{
"name": "25563",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25563"
},
{
"name": "http://www.s21sec.com/avisos/s21sec-035-en.txt",
"refsource": "MISC",
"url": "http://www.s21sec.com/avisos/s21sec-035-en.txt"
},
{
"name": "20070604 S21Sec-035: F5 FirePass command execution vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470444/100/0/threaded"
},
{
"name": "firepass-myactivation-command-execution(34708)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34708"
},
{
"name": "ADV-2007-2073",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2073"
},
{
"name": "24306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24306"
},
{
"name": "35246",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35246"
}
]
}
}

130
2007/3xxx/CVE-2007-3141.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3141",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070607 phpWebThings ==>1.5.2 RFI",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470794/100/0/threaded"
},
{
"name" : "2786",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2786"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in core/editor.php in phpWebThings 1.5.2 allows remote attackers to execute arbitrary PHP code via a URL in the editor_insert_top parameter. NOTE: the editor_insert_bottom vector is already covered by CVE-2006-6042."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070607 phpWebThings ==>1.5.2 RFI",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470794/100/0/threaded"
},
{
"name": "2786",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2786"
}
]
}
}

170
2007/3xxx/CVE-2007-3196.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3196",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in vBSupport.php in vSupport Integrated Ticket System 3.x.x allows remote attackers to execute arbitrary SQL commands via the ticketid parameter in a showticket action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070609 vSupport Integrated Ticket System 3.*.* SQL injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470966/100/0/threaded"
},
{
"name" : "24397",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24397"
},
{
"name" : "37331",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37331"
},
{
"name" : "38811",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38811"
},
{
"name" : "2795",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2795"
},
{
"name" : "vbsupport-vbsupport-sql-injection(34804)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34804"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in vBSupport.php in vSupport Integrated Ticket System 3.x.x allows remote attackers to execute arbitrary SQL commands via the ticketid parameter in a showticket action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37331",
"refsource": "OSVDB",
"url": "http://osvdb.org/37331"
},
{
"name": "38811",
"refsource": "OSVDB",
"url": "http://osvdb.org/38811"
},
{
"name": "2795",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2795"
},
{
"name": "vbsupport-vbsupport-sql-injection(34804)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34804"
},
{
"name": "20070609 vSupport Integrated Ticket System 3.*.* SQL injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470966/100/0/threaded"
},
{
"name": "24397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24397"
}
]
}
}

34
2007/3xxx/CVE-2007-3877.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3877",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3877",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

190
2007/4xxx/CVE-2007-4379.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4379",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070814 Multiple vulnerabilities in Babo Violent 2 2.08.00",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/476520/100/0/threaded"
},
{
"name" : "http://aluigi.altervista.org/adv/bv2x-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/bv2x-adv.txt"
},
{
"name" : "25329",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25329"
},
{
"name" : "26453",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26453"
},
{
"name" : "3024",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3024"
},
{
"name" : "baboviolent-map-names-dos(36016)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36016"
},
{
"name" : "baboviolent-packets-dos(36014)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36014"
},
{
"name" : "baboviolent-udp-dos(36017)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36017"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Babo Violent 2 2.08.00 and earlier allows remote attackers to cause a denial of service (application crash) via (1) a value greater than 0x27 for the (a) 0xca, (b) 0xcb, (c) 0xcc, (d) 0xce, (e) 0xcf, or (f) 0xd0 data ID; (2) a nonexistent map name; or (3) a UDP packet that specifies a large data size."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "baboviolent-map-names-dos(36016)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36016"
},
{
"name": "26453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26453"
},
{
"name": "baboviolent-packets-dos(36014)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36014"
},
{
"name": "3024",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3024"
},
{
"name": "baboviolent-udp-dos(36017)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36017"
},
{
"name": "20070814 Multiple vulnerabilities in Babo Violent 2 2.08.00",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476520/100/0/threaded"
},
{
"name": "http://aluigi.altervista.org/adv/bv2x-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/bv2x-adv.txt"
},
{
"name": "25329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25329"
}
]
}
}

170
2007/4xxx/CVE-2007-4500.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4500",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versions, allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[Users] 20070822 New version: 0.8.3 beta",
"refsource" : "MLIST",
"url" : "http://www.sshkeychain.org/pipermail/users/2007-August/000102.html"
},
{
"name" : "[Users] 20070822 SECURITY: root privilege escalation / trivial reveal of stored passwords",
"refsource" : "MLIST",
"url" : "http://www.sshkeychain.org/pipermail/users/2007-August/000098.html"
},
{
"name" : "[Users] 20070823 New version: 0.8.3 beta",
"refsource" : "MLIST",
"url" : "http://www.sshkeychain.org/pipermail/users/2007-August/000104.html"
},
{
"name" : "25409",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25409"
},
{
"name" : "1018630",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018630"
},
{
"name" : "26617",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26617"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in TunnelRunner in SSHKeychain before 0.8.2 beta, and possibly later versions, allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[Users] 20070822 New version: 0.8.3 beta",
"refsource": "MLIST",
"url": "http://www.sshkeychain.org/pipermail/users/2007-August/000102.html"
},
{
"name": "1018630",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018630"
},
{
"name": "[Users] 20070822 SECURITY: root privilege escalation / trivial reveal of stored passwords",
"refsource": "MLIST",
"url": "http://www.sshkeychain.org/pipermail/users/2007-August/000098.html"
},
{
"name": "26617",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26617"
},
{
"name": "[Users] 20070823 New version: 0.8.3 beta",
"refsource": "MLIST",
"url": "http://www.sshkeychain.org/pipermail/users/2007-August/000104.html"
},
{
"name": "25409",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25409"
}
]
}
}

220
2007/4xxx/CVE-2007-4538.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4538",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070823 Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/477630/100/0/threaded"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=386860",
"refsource" : "MISC",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=386860"
},
{
"name" : "http://www.bugzilla.org/security/2.20.4/",
"refsource" : "CONFIRM",
"url" : "http://www.bugzilla.org/security/2.20.4/"
},
{
"name" : "GLSA-200709-18",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200709-18.xml"
},
{
"name" : "25425",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25425"
},
{
"name" : "ADV-2007-2977",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2977"
},
{
"name" : "37203",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37203"
},
{
"name" : "1018604",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018604"
},
{
"name" : "26584",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26584"
},
{
"name" : "26971",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26971"
},
{
"name" : "bugzilla-sendmail-command-execution(36243)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36243"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37203",
"refsource": "OSVDB",
"url": "http://osvdb.org/37203"
},
{
"name": "GLSA-200709-18",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200709-18.xml"
},
{
"name": "20070823 Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477630/100/0/threaded"
},
{
"name": "bugzilla-sendmail-command-execution(36243)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36243"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=386860",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=386860"
},
{
"name": "26971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26971"
},
{
"name": "ADV-2007-2977",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2977"
},
{
"name": "26584",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26584"
},
{
"name": "1018604",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018604"
},
{
"name": "25425",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25425"
},
{
"name": "http://www.bugzilla.org/security/2.20.4/",
"refsource": "CONFIRM",
"url": "http://www.bugzilla.org/security/2.20.4/"
}
]
}
}

490
2007/4xxx/CVE-2007-4658.json
View File

@ -1,247 +1,247 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4658",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.php.net/ChangeLog-5.php#5.2.4",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php#5.2.4"
},
{
"name" : "http://www.php.net/releases/5_2_4.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_2_4.php"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1702",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1702"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1693",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1693"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
},
{
"name" : "https://launchpad.net/bugs/173043",
"refsource" : "CONFIRM",
"url" : "https://launchpad.net/bugs/173043"
},
{
"name" : "http://www.php.net/ChangeLog-4.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-4.php"
},
{
"name" : "http://www.php.net/releases/4_4_8.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/4_4_8.php"
},
{
"name" : "DSA-1444",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1444"
},
{
"name" : "FEDORA-2007-709",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
},
{
"name" : "GLSA-200710-02",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name" : "MDKSA-2007:187",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"name" : "RHSA-2007:0890",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"name" : "RHSA-2007:0889",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
},
{
"name" : "RHSA-2007:0891",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"name" : "SSA:2008-045-03",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136"
},
{
"name" : "SUSE-SA:2008:004",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
},
{
"name" : "2007-0026",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0026/"
},
{
"name" : "USN-549-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/549-1/"
},
{
"name" : "USN-549-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-549-2"
},
{
"name" : "oval:org.mitre.oval:def:10363",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363"
},
{
"name" : "ADV-2007-3023",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3023"
},
{
"name" : "26642",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26642"
},
{
"name" : "26822",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26822"
},
{
"name" : "26838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26838"
},
{
"name" : "26930",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26930"
},
{
"name" : "26871",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26871"
},
{
"name" : "26895",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26895"
},
{
"name" : "26967",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26967"
},
{
"name" : "27377",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27377"
},
{
"name" : "27545",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27545"
},
{
"name" : "27102",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27102"
},
{
"name" : "27864",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27864"
},
{
"name" : "28249",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28249"
},
{
"name" : "28658",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28658"
},
{
"name" : "28936",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28936"
},
{
"name" : "ADV-2008-0059",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0059"
},
{
"name" : "php-moneyformat-unspecified(36377)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36377"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26822"
},
{
"name": "php-moneyformat-unspecified(36377)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36377"
},
{
"name": "https://launchpad.net/bugs/173043",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/173043"
},
{
"name": "SUSE-SA:2008:004",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
},
{
"name": "ADV-2008-0059",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0059"
},
{
"name": "28658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28658"
},
{
"name": "FEDORA-2007-709",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
},
{
"name": "26967",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26967"
},
{
"name": "DSA-1444",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1444"
},
{
"name": "GLSA-200710-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "27864",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27864"
},
{
"name": "oval:org.mitre.oval:def:10363",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10363"
},
{
"name": "http://www.php.net/releases/4_4_8.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/4_4_8.php"
},
{
"name": "SSA:2008-045-03",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.335136"
},
{
"name": "http://www.php.net/ChangeLog-5.php#5.2.4",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php#5.2.4"
},
{
"name": "28936",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28936"
},
{
"name": "26930",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26930"
},
{
"name": "2007-0026",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0026/"
},
{
"name": "RHSA-2007:0889",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
},
{
"name": "USN-549-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/549-1/"
},
{
"name": "https://issues.rpath.com/browse/RPL-1693",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1693"
},
{
"name": "28249",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28249"
},
{
"name": "https://issues.rpath.com/browse/RPL-1702",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1702"
},
{
"name": "27545",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27545"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
},
{
"name": "26838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26838"
},
{
"name": "27377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27377"
},
{
"name": "MDKSA-2007:187",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
},
{
"name": "http://www.php.net/ChangeLog-4.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-4.php"
},
{
"name": "27102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27102"
},
{
"name": "ADV-2007-3023",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3023"
},
{
"name": "http://www.php.net/releases/5_2_4.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_4.php"
},
{
"name": "26895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26895"
},
{
"name": "USN-549-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-549-2"
},
{
"name": "RHSA-2007:0890",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"name": "RHSA-2007:0891",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"name": "26871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26871"
},
{
"name": "26642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26642"
}
]
}
}

190
2007/4xxx/CVE-2007-4708.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4708",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4708",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://docs.info.apple.com/article.html?artnum=307179",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=307179"
},
{
"name" : "APPLE-SA-2007-12-17",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
},
{
"name" : "TA07-352A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
},
{
"name" : "26910",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26910"
},
{
"name" : "ADV-2007-4238",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4238"
},
{
"name" : "1019106",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1019106"
},
{
"name" : "28136",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28136"
},
{
"name" : "macos-addressbook-format-string(39092)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39092"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-4238",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4238"
},
{
"name": "TA07-352A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
},
{
"name": "28136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28136"
},
{
"name": "26910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26910"
},
{
"name": "1019106",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019106"
},
{
"name": "APPLE-SA-2007-12-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
},
{
"name": "macos-addressbook-format-string(39092)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39092"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307179",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307179"
}
]
}
}

190
2007/6xxx/CVE-2007-6103.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-6103",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://aluigi.altervista.org/adv/ihudos-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/ihudos-adv.txt"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788",
"refsource" : "MISC",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788"
},
{
"name" : "26516",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26516"
},
{
"name" : "42395",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/42395"
},
{
"name" : "42396",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/42396"
},
{
"name" : "27754",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27754"
},
{
"name" : "ihearu-packet-dos(38568)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38568"
},
{
"name" : "ihearu-ring-dos(38569)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38569"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a denial of service (infinite loop) via a packet that contains zero in the size field in its header, which is improperly handled by the Receiver::processPacket function; and (2) a denial of service (daemon crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does not specify the mode, which is improperly handled by the Player::ring function in Player.cpp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26516",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26516"
},
{
"name": "42396",
"refsource": "OSVDB",
"url": "http://osvdb.org/42396"
},
{
"name": "ihearu-packet-dos(38568)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38568"
},
{
"name": "http://aluigi.altervista.org/adv/ihudos-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/ihudos-adv.txt"
},
{
"name": "42395",
"refsource": "OSVDB",
"url": "http://osvdb.org/42395"
},
{
"name": "ihearu-ring-dos(38569)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38569"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788",
"refsource": "MISC",
"url": "http://sourceforge.net/project/shownotes.php?release_id=355409&group_id=75788"
},
{
"name": "27754",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27754"
}
]
}
}

170
2010/5xxx/CVE-2010-5092.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5092",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-5092",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/1"
},
{
"name" : "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/3"
},
{
"name" : "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/01/3"
},
{
"name" : "http://open.silverstripe.org/ticket/5772",
"refsource" : "MISC",
"url" : "http://open.silverstripe.org/ticket/5772"
},
{
"name" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1",
"refsource" : "CONFIRM",
"url" : "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1"
},
{
"name" : "http://open.silverstripe.org/changeset/107532",
"refsource" : "CONFIRM",
"url" : "http://open.silverstripe.org/changeset/107532"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/01/3"
},
{
"name": "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/1"
},
{
"name": "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/3"
},
{
"name": "http://open.silverstripe.org/ticket/5772",
"refsource": "MISC",
"url": "http://open.silverstripe.org/ticket/5772"
},
{
"name": "http://open.silverstripe.org/changeset/107532",
"refsource": "CONFIRM",
"url": "http://open.silverstripe.org/changeset/107532"
},
{
"name": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1"
}
]
}
}

210
2014/1xxx/CVE-2014-1742.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1742",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2014-1742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=356690",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=356690"
},
{
"name" : "https://src.chromium.org/viewvc/blink?revision=171440&view=revision",
"refsource" : "CONFIRM",
"url" : "https://src.chromium.org/viewvc/blink?revision=171440&view=revision"
},
{
"name" : "DSA-2930",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2930"
},
{
"name" : "GLSA-201408-16",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"name" : "openSUSE-SU-2014:0783",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"name" : "67375",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/67375"
},
{
"name" : "1030240",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030240"
},
{
"name" : "59155",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59155"
},
{
"name" : "60372",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/60372"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the FrameSelection::updateAppearance function in core/editing/FrameSelection.cpp in Blink, as used in Google Chrome before 34.0.1847.137, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper RenderObject handling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2930",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2930"
},
{
"name": "https://src.chromium.org/viewvc/blink?revision=171440&view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=171440&view=revision"
},
{
"name": "GLSA-201408-16",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"name": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html"
},
{
"name": "60372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60372"
},
{
"name": "openSUSE-SU-2014:0783",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00023.html"
},
{
"name": "59155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59155"
},
{
"name": "67375",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67375"
},
{
"name": "1030240",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030240"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=356690",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=356690"
}
]
}
}

34
2014/1xxx/CVE-2014-1768.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1768",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-1768",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}
}

130
2014/5xxx/CVE-2014-5277.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5277",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU",
"refsource" : "CONFIRM",
"url" : "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU"
},
{
"name" : "openSUSE-SU-2014:1411",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-11/msg00048.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2014:1411",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00048.html"
},
{
"name": "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU",
"refsource": "CONFIRM",
"url": "https://groups.google.com/forum/#!topic/docker-user/oYm0i3xShJU"
}
]
}
}

34
2014/5xxx/CVE-2014-5463.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5463",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5463",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2014/5xxx/CVE-2014-5668.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5668",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The BAND -Group sharing & planning (aka com.nhn.android.band) application 3.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#804257",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/804257"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BAND -Group sharing & planning (aka com.nhn.android.band) application 3.2.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#804257",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/804257"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5860.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5860",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#900617",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/900617"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Slide Show Creator (aka com.amem) application 4.4.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#900617",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/900617"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

130
2015/2xxx/CVE-2015-2388.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2388",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1738."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2388",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
},
{
"name" : "1032894",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032894"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1738."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032894",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032894"
},
{
"name": "MS15-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
}
]
}
}

130
2015/2xxx/CVE-2015-2419.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2419",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"JScript9 Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2419",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
},
{
"name" : "1032894",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032894"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"JScript9 Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032894",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032894"
},
{
"name": "MS15-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
}
]
}
}

140
2015/2xxx/CVE-2015-2489.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2489",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-094",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
},
{
"name" : "76585",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/76585"
},
{
"name" : "1033487",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033487"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka \"Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "76585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76585"
},
{
"name": "MS15-094",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
},
{
"name": "1033487",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033487"
}
]
}
}

130
2015/2xxx/CVE-2015-2592.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2592",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-2584."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "1032924",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032924"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Hyperion Enterprise Performance Management Architect component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote authenticated users to affect integrity via unknown vectors related to Security, a different vulnerability than CVE-2015-2584."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032924",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032924"
}
]
}
}

130
2015/6xxx/CVE-2015-6323.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6323",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160113 Cisco Identity Services Engine Unauthorized Access Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise"
},
{
"name" : "1034666",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034666"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160113 Cisco Identity Services Engine Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise"
},
{
"name": "1034666",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034666"
}
]
}
}

190
2015/6xxx/CVE-2015-6834.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6834",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2015-6834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://php.net/ChangeLog-5.php"
},
{
"name" : "https://bugs.php.net/bug.php?id=70172",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=70172"
},
{
"name" : "https://bugs.php.net/bug.php?id=70365",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=70365"
},
{
"name" : "https://bugs.php.net/bug.php?id=70366",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=70366"
},
{
"name" : "DSA-3358",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3358"
},
{
"name" : "GLSA-201606-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201606-10"
},
{
"name" : "76649",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/76649"
},
{
"name" : "1033548",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033548"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable interface, (2) the SplObjectStorage class, and (3) the SplDoublyLinkedList class, which are mishandled during unserialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.php.net/bug.php?id=70366",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=70366"
},
{
"name": "1033548",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033548"
},
{
"name": "76649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76649"
},
{
"name": "http://php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "https://bugs.php.net/bug.php?id=70365",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=70365"
},
{
"name": "https://bugs.php.net/bug.php?id=70172",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=70172"
},
{
"name": "DSA-3358",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3358"
},
{
"name": "GLSA-201606-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-10"
}
]
}
}

130
2016/0xxx/CVE-2016-0513.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0513",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "1034726",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034726"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034726"
}
]
}
}

34
2016/0xxx/CVE-2016-0924.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0924",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-2761. Reason: This candidate is subsumed by CVE-2004-2761. Notes: All CVE users should reference CVE-2004-2761 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-0924",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-2761. Reason: This candidate is subsumed by CVE-2004-2761. Notes: All CVE users should reference CVE-2004-2761 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

140
2016/1000xxx/CVE-2016-1000127.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000127",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Reflected XSS in wordpress plugin ajax-random-post v2.00"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000127",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=494",
"refsource" : "MISC",
"url" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=494"
},
{
"name" : "https://wordpress.org/plugins/ajax-random-post",
"refsource" : "MISC",
"url" : "https://wordpress.org/plugins/ajax-random-post"
},
{
"name" : "93895",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93895"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Reflected XSS in wordpress plugin ajax-random-post v2.00"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93895"
},
{
"name": "https://wordpress.org/plugins/ajax-random-post",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/ajax-random-post"
},
{
"name": "http://www.vapidlabs.com/wp/wp_advisory.php?v=494",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/wp/wp_advisory.php?v=494"
}
]
}
}

34
2016/10xxx/CVE-2016-10023.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10023",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-10023",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

130
2016/10xxx/CVE-2016-10125.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10125",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/",
"refsource" : "MISC",
"url" : "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/"
},
{
"name" : "95329",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95329"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which allows man-in-the-middle attackers to spoof devices by hijacking an HTTPS session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/",
"refsource": "MISC",
"url": "https://labs.integrity.pt/advisories/dlink-dgs-1100-hardcoded-keys/"
},
{
"name": "95329",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95329"
}
]
}
}

160
2016/10xxx/CVE-2016-10268.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10268",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/",
"refsource" : "MISC",
"url" : "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/"
},
{
"name" : "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df",
"refsource" : "MISC",
"url" : "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df"
},
{
"name" : "GLSA-201709-27",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201709-27"
},
{
"name" : "USN-3602-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3602-1/"
},
{
"name" : "97202",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97202"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2017/01/01/libtiff-multiple-heap-based-buffer-overflow/"
},
{
"name": "GLSA-201709-27",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201709-27"
},
{
"name": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df",
"refsource": "MISC",
"url": "https://github.com/vadz/libtiff/commit/5397a417e61258c69209904e652a1f409ec3b9df"
},
{
"name": "USN-3602-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3602-1/"
},
{
"name": "97202",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97202"
}
]
}
}

120
2016/4xxx/CVE-2016-4158.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4158",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/creative-cloud/apsb16-21.html"
}
]
}
}

160
2016/4xxx/CVE-2016-4280.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4280",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html"
},
{
"name" : "GLSA-201610-10",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-10"
},
{
"name" : "RHSA-2016:1865",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1865.html"
},
{
"name" : "92930",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92930"
},
{
"name" : "1036791",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036791"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201610-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-10"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html"
},
{
"name": "RHSA-2016:1865",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html"
},
{
"name": "92930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92930"
},
{
"name": "1036791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036791"
}
]
}
}

140
2016/4xxx/CVE-2016-4345.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4345",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160428 [CVE Requests] PHP issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/28/2"
},
{
"name" : "http://php.net/ChangeLog-7.php",
"refsource" : "CONFIRM",
"url" : "http://php.net/ChangeLog-7.php"
},
{
"name" : "https://bugs.php.net/bug.php?id=71637",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=71637"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the php_filter_encode_url function in ext/filter/sanitizing_filters.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.php.net/bug.php?id=71637",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=71637"
},
{
"name": "[oss-security] 20160428 [CVE Requests] PHP issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/2"
},
{
"name": "http://php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-7.php"
}
]
}
}

180
2016/4xxx/CVE-2016-4348.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4348",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/28/4"
},
{
"name" : "[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/28/7"
},
{
"name" : "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/30/3"
},
{
"name" : "[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/10/15"
},
{
"name" : "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2",
"refsource" : "CONFIRM",
"url" : "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2"
},
{
"name" : "DSA-3584",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3584"
},
{
"name" : "openSUSE-SU-2016:1333",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160428 CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/4"
},
{
"name": "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2",
"refsource": "CONFIRM",
"url": "https://git.gnome.org/browse/librsvg/commit/?id=d1c9191949747f6dcfd207831d15dd4ba00e31f2"
},
{
"name": "[oss-security] 20160430 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/30/3"
},
{
"name": "DSA-3584",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3584"
},
{
"name": "openSUSE-SU-2016:1333",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00079.html"
},
{
"name": "[oss-security] 20160428 Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/7"
},
{
"name": "[oss-security] 20160511 Re: Re: CVE requests: DoS in librsvg parsing SVGs with circular definitions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/10/15"
}
]
}
}

160
2016/4xxx/CVE-2016-4480.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4480",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4480",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://xenbits.xen.org/xsa/advisory-176.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-176.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name" : "DSA-3633",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3633"
},
{
"name" : "90710",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90710"
},
{
"name" : "1035901",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035901"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen 4.6.x and earlier does not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "90710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90710"
},
{
"name": "1035901",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035901"
},
{
"name": "DSA-3633",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3633"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-176.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-176.html"
}
]
}
}

34
2016/9xxx/CVE-2016-9289.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9289",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9289",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2016/9xxx/CVE-2016-9540.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9540",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka \"cpStripToTile heap-buffer-overflow.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9540",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3",
"refsource" : "CONFIRM",
"url" : "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3"
},
{
"name" : "DSA-3762",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3762"
},
{
"name" : "RHSA-2017:0225",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0225.html"
},
{
"name" : "94484",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94484"
},
{
"name" : "94747",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94747"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka \"cpStripToTile heap-buffer-overflow.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3",
"refsource": "CONFIRM",
"url": "https://github.com/vadz/libtiff/commit/5ad9d8016fbb60109302d558f7edb2cb2a3bb8e3"
},
{
"name": "94747",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94747"
},
{
"name": "RHSA-2017:0225",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0225.html"
},
{
"name": "94484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94484"
},
{
"name": "DSA-3762",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3762"
}
]
}
}

34
2019/2xxx/CVE-2019-2082.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2082",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2082",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2176.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2176",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2176",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2691.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2691",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2691",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/2xxx/CVE-2019-2773.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2773",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2773",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3362.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3362",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3362",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3788.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3788",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3788",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3868.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3868",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3868",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3915.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3915",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3915",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6036.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6036",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6036",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6074.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6074",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6074",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/6xxx/CVE-2019-6265.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6265",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.detack.de/en/cve-2019-6265-6266",
"refsource" : "MISC",
"url" : "https://www.detack.de/en/cve-2019-6265-6266"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.detack.de/en/cve-2019-6265-6266",
"refsource": "MISC",
"url": "https://www.detack.de/en/cve-2019-6265-6266"
}
]
}
}

34
2019/6xxx/CVE-2019-6830.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6830",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6830",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2019/7xxx/CVE-2019-7175.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7175",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae",
"refsource" : "MISC",
"url" : "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae"
},
{
"name" : "https://github.com/ImageMagick/ImageMagick/issues/1450",
"refsource" : "MISC",
"url" : "https://github.com/ImageMagick/ImageMagick/issues/1450"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/1450",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1450"
}
]
}
}

34
2019/7xxx/CVE-2019-7243.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7243",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7243",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7785.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7785",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7785",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8179.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8179",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8179",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8248.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8248",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8248",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/8xxx/CVE-2019-8427.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8427",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8427",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection",
"refsource" : "MISC",
"url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection",
"refsource": "MISC",
"url": "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection"
}
]
}
}

34
2019/8xxx/CVE-2019-8628.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8628",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8628",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9371.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9371",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9371",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}