admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:36:13 +00:00
parent 04f63853ca
commit 1c1c3f2536
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 3308 additions and 3308 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
1999/0xxx/CVE-1999-0112.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0112", "ID": "CVE-1999-0112",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in AIX dtterm program for the CDE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "dtterm-bo(878)", "description_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/878" "lang": "eng",
} "value": "Buffer overflow in AIX dtterm program for the CDE."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "dtterm-bo(878)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/878"
}
]
}
}

130
1999/0xxx/CVE-1999-0362.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0362", "ID": "CVE-1999-0362",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WS_FTP server remote denial of service through cwd command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "AD02021999", "description_data": [
"refsource" : "EEYE", {
"url" : "http://www.eeye.com/html/Research/Advisories/AD02021999.html" "lang": "eng",
}, "value": "WS_FTP server remote denial of service through cwd command."
{ }
"name" : "217", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/217" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "AD02021999",
"refsource": "EEYE",
"url": "http://www.eeye.com/html/Research/Advisories/AD02021999.html"
},
{
"name": "217",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/217"
}
]
}
}

140
1999/1xxx/CVE-1999-1105.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1105", "ID": "CVE-1999-1105",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zdnet.com/eweek/reviews/1016/tr42bug.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.zdnet.com/eweek/reviews/1016/tr42bug.html" "lang": "eng",
}, "value": "Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary files by mapping the network drive."
{ }
"name" : "http://www.net-security.sk/bugs/NT/netware1.html", ]
"refsource" : "MISC", },
"url" : "http://www.net-security.sk/bugs/NT/netware1.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "win95-netware-hidden-share(7231)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/7231.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "win95-netware-hidden-share(7231)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7231.php"
},
{
"name": "http://www.zdnet.com/eweek/reviews/1016/tr42bug.html",
"refsource": "CONFIRM",
"url": "http://www.zdnet.com/eweek/reviews/1016/tr42bug.html"
},
{
"name": "http://www.net-security.sk/bugs/NT/netware1.html",
"refsource": "MISC",
"url": "http://www.net-security.sk/bugs/NT/netware1.html"
}
]
}
}

130
1999/1xxx/CVE-1999-1223.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1223", "ID": "CVE-1999-1223",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "Q187503", "description_data": [
"refsource" : "MSKB", {
"url" : "http://support.microsoft.com/support/kb/articles/q187/5/03.asp" "lang": "eng",
}, "value": "IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters."
{ }
"name" : "url-asp-av(3892)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3892" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "url-asp-av(3892)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3892"
},
{
"name": "Q187503",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/q187/5/03.asp"
}
]
}
}

140
2000/1xxx/CVE-2000-1030.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1030", "ID": "CVE-2000-1030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001031 Re: Samba 2.0.7 SWAT vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/142672" "lang": "eng",
}, "value": "CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server."
{ }
"name" : "1888", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1888" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "corporatetime-brute-force(5529)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5529" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "corporatetime-brute-force(5529)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5529"
},
{
"name": "20001031 Re: Samba 2.0.7 SWAT vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/142672"
},
{
"name": "1888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1888"
}
]
}
}

160
2005/2xxx/CVE-2005-2292.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2292", "ID": "CVE-2005-2292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050713 Advisory: Oracle JDeveloper Plaintext Passwords", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112129177927502&w=2" "lang": "eng",
}, "value": "Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information."
{ }
"name" : "http://www.red-database-security.com/advisory/oracle_jdeveloper_plaintext_password.html", ]
"refsource" : "MISC", },
"url" : "http://www.red-database-security.com/advisory/oracle_jdeveloper_plaintext_password.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15991", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/15991/" ]
}, },
{ "references": {
"name" : "jdeveloper-config-plaintext-password(21342)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21342" "name": "http://www.red-database-security.com/advisory/oracle_jdeveloper_plaintext_password.html",
} "refsource": "MISC",
] "url": "http://www.red-database-security.com/advisory/oracle_jdeveloper_plaintext_password.html"
} },
} {
"name": "15991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15991/"
},
{
"name": "jdeveloper-config-plaintext-password(21342)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21342"
},
{
"name": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html"
},
{
"name": "20050713 Advisory: Oracle JDeveloper Plaintext Passwords",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112129177927502&w=2"
}
]
}
}

140
2005/2xxx/CVE-2005-2682.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2682", "ID": "CVE-2005-2682",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before 0.4.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the dictionary parameter (aka the lang variable)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.formvista.com/forum.html?COMP=forum&cmd=view_thread&(fvs)cs_forums_threads_ref=47", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.formvista.com/forum.html?COMP=forum&cmd=view_thread&(fvs)cs_forums_threads_ref=47" "lang": "eng",
}, "value": "aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before 0.4.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the dictionary parameter (aka the lang variable)."
{ }
"name" : "http://www.formvista.com/otherprojects/areaedit", ]
"refsource" : "CONFIRM", },
"url" : "http://www.formvista.com/otherprojects/areaedit" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "16511", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16511" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.formvista.com/otherprojects/areaedit",
"refsource": "CONFIRM",
"url": "http://www.formvista.com/otherprojects/areaedit"
},
{
"name": "http://www.formvista.com/forum.html?COMP=forum&cmd=view_thread&(fvs)cs_forums_threads_ref=47",
"refsource": "CONFIRM",
"url": "http://www.formvista.com/forum.html?COMP=forum&cmd=view_thread&(fvs)cs_forums_threads_ref=47"
},
{
"name": "16511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16511"
}
]
}
}

160
2007/1xxx/CVE-2007-1058.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1058", "ID": "CVE-2007-1058",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in user_pages/page.asp in Online Web Building 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3339", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3339" "lang": "eng",
}, "value": "SQL injection vulnerability in user_pages/page.asp in Online Web Building 2.0 allows remote attackers to execute arbitrary SQL commands via the art_id parameter."
{ }
"name" : "ADV-2007-0674", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/0674" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32677", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32677" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24208", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/24208" ]
}, },
{ "references": {
"name" : "userpages2-page-sql-injection(32583)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32583" "name": "24208",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24208"
} },
} {
"name": "userpages2-page-sql-injection(32583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32583"
},
{
"name": "32677",
"refsource": "OSVDB",
"url": "http://osvdb.org/32677"
},
{
"name": "ADV-2007-0674",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0674"
},
{
"name": "3339",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3339"
}
]
}
}

180
2007/1xxx/CVE-2007-1604.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1604", "ID": "CVE-2007-1604",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unrestricted file upload vulnerabilities in w-Agora (Web-Agora) allow remote attackers to upload and execute arbitrary PHP code (1) via a forum message with an attached file, which is stored under forums/hello/hello/notes/ or (2) by using browse_avatar.php to upload a file with a double extension, as demonstrated by .php.jpg."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070320 w-agora [multiples file upload,xss,full path disclosure,error sql]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/463286/100/0/threaded" "lang": "eng",
}, "value": "Multiple unrestricted file upload vulnerabilities in w-Agora (Web-Agora) allow remote attackers to upload and execute arbitrary PHP code (1) via a forum message with an attached file, which is stored under forums/hello/hello/notes/ or (2) by using browse_avatar.php to upload a file with a double extension, as demonstrated by .php.jpg."
{ }
"name" : "23055", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23055" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34383", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34383" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34384", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34384" ]
}, },
{ "references": {
"name" : "24605", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24605" "name": "20070320 w-agora [multiples file upload,xss,full path disclosure,error sql]",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/463286/100/0/threaded"
"name" : "2462", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2462" "name": "wagora-browseavatar-file-upload(33173)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33173"
"name" : "wagora-browseavatar-file-upload(33173)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33173" "name": "23055",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23055"
} },
} {
"name": "2462",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2462"
},
{
"name": "34384",
"refsource": "OSVDB",
"url": "http://osvdb.org/34384"
},
{
"name": "24605",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24605"
},
{
"name": "34383",
"refsource": "OSVDB",
"url": "http://osvdb.org/34383"
}
]
}
}

160
2007/1xxx/CVE-2007-1621.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1621", "ID": "CVE-2007-1621",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in templates/head.php in Active PHP Bookmark Notes (APB) 0.2.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the APB_SETTINGS[template_path] parameter. NOTE: this issue might be related to CVE-2003-1254."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3504", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3504" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in templates/head.php in Active PHP Bookmark Notes (APB) 0.2.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the APB_SETTINGS[template_path] parameter. NOTE: this issue might be related to CVE-2003-1254."
{ }
"name" : "23010", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23010" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1009", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1009" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37226", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37226" ]
}, },
{ "references": {
"name" : "apbn-head-file-include(33065)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33065" "name": "3504",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/3504"
} },
} {
"name": "23010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23010"
},
{
"name": "apbn-head-file-include(33065)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33065"
},
{
"name": "37226",
"refsource": "OSVDB",
"url": "http://osvdb.org/37226"
},
{
"name": "ADV-2007-1009",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1009"
}
]
}
}

200
2007/5xxx/CVE-2007-5081.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5081", "ID": "CVE-2007-5081",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://service.real.com/realplayer/security/10252007_player/en/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://service.real.com/realplayer/security/10252007_player/en/" "lang": "eng",
}, "value": "Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file."
{ }
"name" : "20071030 RealPlayer Updates of October 25, 2007", ]
"refsource" : "VIM", },
"url" : "http://www.attrition.org/pipermail/vim/2007-October/001841.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26214", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26214" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:11625", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625" ]
}, },
{ "references": {
"name" : "ADV-2007-3628", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3628" "name": "http://service.real.com/realplayer/security/10252007_player/en/",
}, "refsource": "CONFIRM",
{ "url": "http://service.real.com/realplayer/security/10252007_player/en/"
"name" : "38340", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38340" "name": "1018866",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018866"
"name" : "1018866", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018866" "name": "oval:org.mitre.oval:def:11625",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11625"
"name" : "27361", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27361" "name": "20071030 RealPlayer Updates of October 25, 2007",
}, "refsource": "VIM",
{ "url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
"name" : "realplayer-rm-bo(37435)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435" "name": "ADV-2007-3628",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3628"
} },
} {
"name": "realplayer-rm-bo(37435)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37435"
},
{
"name": "27361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27361"
},
{
"name": "38340",
"refsource": "OSVDB",
"url": "http://osvdb.org/38340"
},
{
"name": "26214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26214"
}
]
}
}

190
2007/5xxx/CVE-2007-5427.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5427", "ID": "CVE-2007-5427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071010 Vulnerabilities digest", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1."
{ }
"name" : "http://securityvulns.ru/Rdocument919.html", ]
"refsource" : "MISC", },
"url" : "http://securityvulns.ru/Rdocument919.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://websecurity.com.ua/1203/", "description": [
"refsource" : "MISC", {
"url" : "http://websecurity.com.ua/1203/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26031", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26031" ]
}, },
{ "references": {
"name" : "ADV-2007-3495", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3495" "name": "ADV-2007-3495",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3495"
"name" : "37709", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37709" "name": "26031",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26031"
"name" : "27196", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27196" "name": "37709",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37709"
"name" : "3216", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3216" "name": "20071010 Vulnerabilities digest",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
} },
} {
"name": "3216",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3216"
},
{
"name": "http://websecurity.com.ua/1203/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/1203/"
},
{
"name": "27196",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27196"
},
{
"name": "http://securityvulns.ru/Rdocument919.html",
"refsource": "MISC",
"url": "http://securityvulns.ru/Rdocument919.html"
}
]
}
}

180
2007/5xxx/CVE-2007-5906.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5906", "ID": "CVE-2007-5906",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Xen-devel] 20071031 [PATCH, fixed] x86: fix debug register handling", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.xensource.com/archives/html/xen-devel/2007-10/msg01048.html" "lang": "eng",
}, "value": "Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints."
{ }
"name" : "SUSE-SR:2008:001", ]
"refsource" : "SUSE", },
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SR:2008:002", "description": [
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27219", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/27219" ]
}, },
{ "references": {
"name" : "28405", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28405" "name": "28412",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28412"
"name" : "28412", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28412" "name": "SUSE-SR:2008:002",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html"
"name" : "28636", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28636" "name": "[Xen-devel] 20071031 [PATCH, fixed] x86: fix debug register handling",
} "refsource": "MLIST",
] "url": "http://lists.xensource.com/archives/html/xen-devel/2007-10/msg01048.html"
} },
} {
"name": "28405",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28405"
},
{
"name": "27219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27219"
},
{
"name": "28636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28636"
},
{
"name": "SUSE-SR:2008:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
}
]
}
}

190
2007/5xxx/CVE-2007-5913.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5913", "ID": "CVE-2007-5913",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not require authentication, which allows remote attackers to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name and password for JBC Explorer via the login and password parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071104 JBC Explorer <= V7.20 RC 1 Remote Code Execution Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/483268/100/0/threaded" "lang": "eng",
}, "value": "dirsys/modules/auth.php in JBC Explorer 7.20 RC1 and earlier does not require authentication, which allows remote attackers to (1) delete auth.inc.php via the suppr parameter, and (2) re-create the auth.inc.php file with contents that specify a new account name and password for JBC Explorer via the login and password parameters."
{ }
"name" : "4608", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/4608" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://mgsdl.free.fr/?1:33", "description": [
"refsource" : "MISC", {
"url" : "http://mgsdl.free.fr/?1:33" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26332", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26332" ]
}, },
{ "references": {
"name" : "42069", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42069" "name": "27533",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27533"
"name" : "27533", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27533" "name": "jbcexplorer-authinc-security-bypass(38269)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38269"
"name" : "3358", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3358" "name": "42069",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/42069"
"name" : "jbcexplorer-authinc-security-bypass(38269)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38269" "name": "26332",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/26332"
} },
} {
"name": "http://mgsdl.free.fr/?1:33",
"refsource": "MISC",
"url": "http://mgsdl.free.fr/?1:33"
},
{
"name": "20071104 JBC Explorer <= V7.20 RC 1 Remote Code Execution Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483268/100/0/threaded"
},
{
"name": "3358",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3358"
},
{
"name": "4608",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4608"
}
]
}
}

140
2009/2xxx/CVE-2009-2098.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2098", "ID": "CVE-2009-2098",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in topicler.php in phPortal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8966", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8966" "lang": "eng",
}, "value": "SQL injection vulnerability in topicler.php in phPortal 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter."
{ }
"name" : "35387", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35387" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "55177", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/55177" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "35387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35387"
},
{
"name": "8966",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8966"
},
{
"name": "55177",
"refsource": "OSVDB",
"url": "http://osvdb.org/55177"
}
]
}
}

132
2015/3xxx/CVE-2015-3189.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2015-3189", "ID": "CVE-2015-3189",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cloud Foundry", "product_name": "Cloud Foundry",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Runtime cf-release versions v208 or earlier" "version_value": "Runtime cf-release versions v208 or earlier"
}, },
{ {
"version_value" : "UAA Standalone versions 2.2.5 or earlier" "version_value": "UAA Standalone versions 2.2.5 or earlier"
}, },
{ {
"version_value" : "Runtime 1.4.5 or earlier" "version_value": "Runtime 1.4.5 or earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Pivotal" "vendor_name": "Pivotal"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Password reset weakness"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://pivotal.io/security/cve-2015-3189", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://pivotal.io/security/cve-2015-3189" "lang": "eng",
} "value": "With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired after the user changes their current email address to a new one. This vulnerability is applicable only when using the UAA internal user store for authentication. Deployments enabled for integration via SAML or LDAP are not affected."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Password reset weakness"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2015-3189",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2015-3189"
}
]
}
}

130
2015/3xxx/CVE-2015-3324.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3324", "ID": "CVE-2015-3324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an \"encrypted remote KVM session,\" which allows man-in-the-middle attackers to spoof servers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.lenovo.com/us/en/product_security/tsm_weak_pw", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.lenovo.com/us/en/product_security/tsm_weak_pw" "lang": "eng",
}, "value": "The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an \"encrypted remote KVM session,\" which allows man-in-the-middle attackers to spoof servers."
{ }
"name" : "74199", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74199" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74199",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74199"
},
{
"name": "http://support.lenovo.com/us/en/product_security/tsm_weak_pw",
"refsource": "CONFIRM",
"url": "http://support.lenovo.com/us/en/product_security/tsm_weak_pw"
}
]
}
}

150
2015/3xxx/CVE-2015-3335.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3335", "ID": "CVE-2015-3335",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html" "lang": "eng",
}, "value": "The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct row-hammer attacks or have unspecified other impact by leveraging the ability to run a crafted program in the NaCl sandbox."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=455839", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=455839" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "openSUSE-SU-2015:0748", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "72715", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/72715" ]
} },
] "references": {
} "reference_data": [
} {
"name": "72715",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72715"
},
{
"name": "openSUSE-SU-2015:0748",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00040.html"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=455839",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=455839"
}
]
}
}

130
2015/3xxx/CVE-2015-3882.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3882", "ID": "CVE-2015-3882",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "qdPM 8.3 allows remote attackers to obtain sensitive information via invalid ID value to index.php/users/info/id/[ID], which reveals the installation path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://rossmarks.uk/portfolio.php", "description_data": [
"refsource" : "MISC", {
"url" : "http://rossmarks.uk/portfolio.php" "lang": "eng",
}, "value": "qdPM 8.3 allows remote attackers to obtain sensitive information via invalid ID value to index.php/users/info/id/[ID], which reveals the installation path in an error message."
{ }
"name" : "http://rossmarks.uk/whitepapers/qdPM_8.3.txt", ]
"refsource" : "MISC", },
"url" : "http://rossmarks.uk/whitepapers/qdPM_8.3.txt" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rossmarks.uk/whitepapers/qdPM_8.3.txt",
"refsource": "MISC",
"url": "http://rossmarks.uk/whitepapers/qdPM_8.3.txt"
},
{
"name": "http://rossmarks.uk/portfolio.php",
"refsource": "MISC",
"url": "http://rossmarks.uk/portfolio.php"
}
]
}
}

120
2015/3xxx/CVE-2015-3946.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-3946", "ID": "CVE-2015-3946",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01" "lang": "eng",
} "value": "Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
}
]
}
}

34
2015/4xxx/CVE-2015-4098.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4098", "ID": "CVE-2015-4098",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2015/4xxx/CVE-2015-4118.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4118", "ID": "CVE-2015-4118",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150610 Multiple Vulnerabilities in ISPConfig", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/535734/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server parameter. NOTE: this can be leveraged by remote attackers using CVE-2015-4119.2."
{ }
"name" : "37259", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/37259/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.htbridge.com/advisory/HTB23260", ]
"refsource" : "MISC", }
"url" : "https://www.htbridge.com/advisory/HTB23260" ]
}, },
{ "references": {
"name" : "http://bugtracker.ispconfig.org/index.php?do=details&task_id=3898", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugtracker.ispconfig.org/index.php?do=details&task_id=3898" "name": "20150610 Multiple Vulnerabilities in ISPConfig",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/535734/100/0/threaded"
"name" : "75126", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75126" "name": "http://bugtracker.ispconfig.org/index.php?do=details&task_id=3898",
} "refsource": "CONFIRM",
] "url": "http://bugtracker.ispconfig.org/index.php?do=details&task_id=3898"
} },
} {
"name": "75126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75126"
},
{
"name": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132238/ISPConfig-3.0.5.4p6-SQL-Injection-Cross-Site-Request-Forgery.html"
},
{
"name": "37259",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37259/"
},
{
"name": "https://www.htbridge.com/advisory/HTB23260",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23260"
}
]
}
}

190
2015/4xxx/CVE-2015-4771.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4771", "ID": "CVE-2015-4771",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to RBR."
{ }
"name" : "GLSA-201610-06", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201610-06" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:1630", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1630.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:1646", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1646.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1629", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name" : "USN-2674-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2674-1" "name": "1032911",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032911"
"name" : "75835", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75835" "name": "RHSA-2015:1646",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"
"name" : "1032911", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032911" "name": "openSUSE-SU-2015:1629",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"
} },
} {
"name": "USN-2674-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2674-1"
},
{
"name": "GLSA-201610-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-06"
},
{
"name": "75835",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75835"
},
{
"name": "RHSA-2015:1630",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html"
}
]
}
}

330
2015/4xxx/CVE-2015-4902.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4902", "ID": "CVE-2015-4902",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment."
{ }
"name" : "GLSA-201603-11", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201603-11" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1430", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2015:2506", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2506.html" ]
}, },
{ "references": {
"name" : "RHSA-2015:2507", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2507.html" "name": "SUSE-SU-2015:2182",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
"name" : "RHSA-2015:2508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2508.html" "name": "openSUSE-SU-2015:1905",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
"name" : "RHSA-2015:2509", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2509.html" "name": "SUSE-SU-2015:2192",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
"name" : "RHSA-2015:2518", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2518.html" "name": "RHSA-2015:2507",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
"name" : "RHSA-2015:1926", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1926.html" "name": "RHSA-2015:1928",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
"name" : "RHSA-2015:1927", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1927.html" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name" : "RHSA-2015:1928", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1928.html" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "SUSE-SU-2016:0113", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" "name": "RHSA-2015:2506",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
"name" : "openSUSE-SU-2016:0270", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" "name": "RHSA-2015:2509",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
"name" : "SUSE-SU-2015:2166", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" "name": "1033884",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033884"
"name" : "SUSE-SU-2015:2168", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" "name": "SUSE-SU-2015:2166",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
"name" : "SUSE-SU-2015:2182", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" "name": "openSUSE-SU-2016:0270",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
"name" : "SUSE-SU-2015:2192", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" "name": "77241",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77241"
"name" : "SUSE-SU-2015:2216", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" "name": "GLSA-201603-11",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-11"
"name" : "SUSE-SU-2015:2268", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" "name": "RHSA-2015:2518",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
"name" : "openSUSE-SU-2015:1905", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" "name": "SUSE-SU-2015:2216",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
"name" : "77241", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77241" "name": "RHSA-2015:1927",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
"name" : "1033884", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033884" "name": "SUSE-SU-2015:2268",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
} },
} {
"name": "SUSE-SU-2015:2168",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
},
{
"name": "RHSA-2015:1926",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
},
{
"name": "RHSA-2015:2508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
]
}
}

34
2015/4xxx/CVE-2015-4976.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4976", "ID": "CVE-2015-4976",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2015/7xxx/CVE-2015-7170.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7170", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-7170",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

150
2015/7xxx/CVE-2015-7242.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7242", "ID": "CVE-2015-7242",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160107 [CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537249/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Push-Service-Mails feature in AVM FRITZ!OS before 6.30 allows remote attackers to inject arbitrary web script or HTML via the display name in the FROM field of an SIP INVITE message."
{ }
"name" : "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt", ]
"refsource" : "MISC", },
"url" : "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://avm.de/service/sicherheitsinfos-zu-updates/", ]
"refsource" : "CONFIRM", }
"url" : "https://avm.de/service/sicherheitsinfos-zu-updates/" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135168/AVM-FRITZ-OS-HTML-Injection.html"
},
{
"name": "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt",
"refsource": "MISC",
"url": "http://ds-develop.de/advisories/advisory-2016-01-07-1-avm.txt"
},
{
"name": "https://avm.de/service/sicherheitsinfos-zu-updates/",
"refsource": "CONFIRM",
"url": "https://avm.de/service/sicherheitsinfos-zu-updates/"
},
{
"name": "20160107 [CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537249/100/0/threaded"
}
]
}
}

34
2015/8xxx/CVE-2015-8847.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8847", "ID": "CVE-2015-8847",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2015/8xxx/CVE-2015-8874.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8874", "ID": "CVE-2015-8874",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://php.net/ChangeLog-5.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://php.net/ChangeLog-5.php" "lang": "eng",
}, "value": "Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call."
{ }
"name" : "https://bugs.php.net/bug.php?id=66387", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.php.net/bug.php?id=66387" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3587", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3587" ]
}, },
{ "references": {
"name" : "RHSA-2016:2750", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" "name": "openSUSE-SU-2016:1524",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
"name" : "openSUSE-SU-2016:1524", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html" "name": "RHSA-2016:2750",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
"name" : "USN-2987-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2987-1" "name": "https://bugs.php.net/bug.php?id=66387",
} "refsource": "CONFIRM",
] "url": "https://bugs.php.net/bug.php?id=66387"
} },
} {
"name": "http://php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "USN-2987-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2987-1"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"name": "DSA-3587",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3587"
}
]
}
}

180
2015/8xxx/CVE-2015-8935.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8935", "ID": "CVE-2015-8935",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160620 CVE request for PHP bug #68978: \"XSS in header() with Internet Explorer\" (2015)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/20/3" "lang": "eng",
}, "value": "The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting (XSS) attacks against Internet Explorer by leveraging (1) %0A%20 or (2) %0D%0A%20 mishandling in the header function."
{ }
"name" : "https://bugs.php.net/bug.php?id=68978", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.php.net/bug.php?id=68978" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b?w=1", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b?w=1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2016:2750", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2016:2013", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html" "name": "https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b?w=1",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/php/php-src/commit/996faf964bba1aec06b153b370a7f20d3dd2bb8b?w=1"
"name" : "openSUSE-SU-2016:1761", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" "name": "openSUSE-SU-2016:1761",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
"name" : "openSUSE-SU-2016:1922", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html" "name": "openSUSE-SU-2016:1922",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
} },
} {
"name": "RHSA-2016:2750",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"name": "[oss-security] 20160620 CVE request for PHP bug #68978: \"XSS in header() with Internet Explorer\" (2015)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/20/3"
},
{
"name": "https://bugs.php.net/bug.php?id=68978",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=68978"
},
{
"name": "SUSE-SU-2016:2013",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html"
}
]
}
}

34
2015/9xxx/CVE-2015-9086.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-9086", "ID": "CVE-2015-9086",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/1xxx/CVE-2016-1453.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1453", "ID": "CVE-2016-1453",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20161005 Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv" "lang": "eng",
}, "value": "Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701."
{ }
"name" : "93409", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93409" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036946", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036946" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20161005 Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv"
},
{
"name": "93409",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93409"
},
{
"name": "1036946",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036946"
}
]
}
}

160
2016/5xxx/CVE-2016-5436.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5436", "ID": "CVE-2016-5436",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB."
{ }
"name" : "USN-3040-1", ]
"refsource" : "UBUNTU", },
"url" : "http://www.ubuntu.com/usn/USN-3040-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91787", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91787" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "91906", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/91906" ]
}, },
{ "references": {
"name" : "1036362", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036362" "name": "91906",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/91906"
} },
} {
"name": "USN-3040-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3040-1"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "1036362",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036362"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}
}

160
2016/5xxx/CVE-2016-5443.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5443", "ID": "CVE-2016-5443",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL 5.7.12 and earlier allows local users to affect availability via vectors related to Server: Connection."
{ }
"name" : "USN-3040-1", ]
"refsource" : "UBUNTU", },
"url" : "http://www.ubuntu.com/usn/USN-3040-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91787", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91787" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "91963", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/91963" ]
}, },
{ "references": {
"name" : "1036362", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036362" "name": "USN-3040-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-3040-1"
} },
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91963",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91963"
},
{
"name": "1036362",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036362"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}
}

140
2016/5xxx/CVE-2016-5493.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5493", "ID": "CVE-2016-5493",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle FLEXCUBE Private Banking component in Oracle Financial Services Applications 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle FLEXCUBE Private Banking component in Oracle Financial Services Applications 12.0.1 through 12.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors."
{ }
"name" : "93654", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93654" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037049", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037049" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1037049",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037049"
},
{
"name": "93654",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93654"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
}
]
}
}

140
2016/5xxx/CVE-2016-5544.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5544", "ID": "CVE-2016-5544",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Kernel/X86."
{ }
"name" : "93746", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93746" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037048", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037048" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1037048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037048"
},
{
"name": "93746",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93746"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
}
]
}
}

136
2018/1999xxx/CVE-2018-1999019.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-07-20T20:44:32.987106", "DATE_ASSIGNED": "2018-07-20T20:44:32.987106",
"DATE_REQUESTED" : "2018-07-17T20:45:08", "DATE_REQUESTED": "2018-07-17T20:45:08",
"ID" : "CVE-2018-1999019", "ID": "CVE-2018-1999019",
"REQUESTER" : "moreau.indiana@gmail.com", "REQUESTER": "moreau.indiana@gmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chamilo LMS", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "11.x" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Chamilo" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Chamilo LMS version 11.x contains an Unserialization vulnerability in the \"hash\" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unserialization"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ibb.co/jBxe6y", "description_data": [
"refsource" : "MISC", {
"url" : "https://ibb.co/jBxe6y" "lang": "eng",
}, "value": "Chamilo LMS version 11.x contains an Unserialization vulnerability in the \"hash\" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62."
{ }
"name" : "https://github.com/chamilo/chamilo-lms/commit/0de84700648f098c1fbf6b807dee28ec640efe62", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/chamilo/chamilo-lms/commit/0de84700648f098c1fbf6b807dee28ec640efe62" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chamilo/chamilo-lms/commit/0de84700648f098c1fbf6b807dee28ec640efe62",
"refsource": "CONFIRM",
"url": "https://github.com/chamilo/chamilo-lms/commit/0de84700648f098c1fbf6b807dee28ec640efe62"
},
{
"name": "https://ibb.co/jBxe6y",
"refsource": "MISC",
"url": "https://ibb.co/jBxe6y"
}
]
}
}

34
2018/2xxx/CVE-2018-2051.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2051", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2051",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2065.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2065", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2065",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2075.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2075", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2075",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2097.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2097", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2097",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2554.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-2554", "ID": "CVE-2018-2554",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

142
2018/2xxx/CVE-2018-2908.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2908", "ID": "CVE-2018-2908",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Solaris Operating System", "product_name": "Solaris Operating System",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.3" "version_value": "11.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)."
{ }
"name" : "104791", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104791" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041303", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041303" "lang": "eng",
} "value": "Easily exploitable vulnerability allows low privileged attacker with network access via RPC to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "1041303",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041303"
},
{
"name": "104791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104791"
}
]
}
}

160
2018/6xxx/CVE-2018-6000.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6000", "ID": "CVE-2018-6000",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43881", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43881/" "lang": "eng",
}, "value": "An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999."
{ }
"name" : "44176", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/44176/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://blogs.securiteam.com/index.php/archives/3589", "description": [
"refsource" : "MISC", {
"url" : "https://blogs.securiteam.com/index.php/archives/3589" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txt", ]
"refsource" : "MISC", }
"url" : "https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txt" ]
}, },
{ "references": {
"name" : "https://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_lan_rce.rb", "reference_data": [
"refsource" : "MISC", {
"url" : "https://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_lan_rce.rb" "name": "https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txt",
} "refsource": "MISC",
] "url": "https://github.com/pedrib/PoC/blob/master/advisories/asuswrt-lan-rce.txt"
} },
} {
"name": "44176",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44176/"
},
{
"name": "https://blogs.securiteam.com/index.php/archives/3589",
"refsource": "MISC",
"url": "https://blogs.securiteam.com/index.php/archives/3589"
},
{
"name": "43881",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43881/"
},
{
"name": "https://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_lan_rce.rb",
"refsource": "MISC",
"url": "https://raw.githubusercontent.com/pedrib/PoC/master/exploits/metasploit/asuswrt_lan_rce.rb"
}
]
}
}

34
2019/0xxx/CVE-2019-0098.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0098", "ID": "CVE-2019-0098",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0176.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0176", "ID": "CVE-2019-0176",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0458.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0458", "ID": "CVE-2019-0458",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

366
2019/0xxx/CVE-2019-0636.json
View File

@ -1,185 +1,185 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2019-0636", "ID": "CVE-2019-0636",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows", "product_name": "Windows",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7 for 32-bit Systems Service Pack 1" "version_value": "7 for 32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "7 for x64-based Systems Service Pack 1" "version_value": "7 for x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "8.1 for 32-bit systems" "version_value": "8.1 for 32-bit systems"
}, },
{ {
"version_value" : "8.1 for x64-based systems" "version_value": "8.1 for x64-based systems"
}, },
{ {
"version_value" : "RT 8.1" "version_value": "RT 8.1"
}, },
{ {
"version_value" : "10 for 32-bit Systems" "version_value": "10 for 32-bit Systems"
}, },
{ {
"version_value" : "10 for x64-based Systems" "version_value": "10 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1607 for 32-bit Systems" "version_value": "10 Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1607 for x64-based Systems" "version_value": "10 Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1703 for 32-bit Systems" "version_value": "10 Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1703 for x64-based Systems" "version_value": "10 Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1709 for 32-bit Systems" "version_value": "10 Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1709 for x64-based Systems" "version_value": "10 Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1803 for 32-bit Systems" "version_value": "10 Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1803 for x64-based Systems" "version_value": "10 Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1803 for ARM64-based Systems" "version_value": "10 Version 1803 for ARM64-based Systems"
}, },
{ {
"version_value" : "10 Version 1809 for 32-bit Systems" "version_value": "10 Version 1809 for 32-bit Systems"
}, },
{ {
"version_value" : "10 Version 1809 for x64-based Systems" "version_value": "10 Version 1809 for x64-based Systems"
}, },
{ {
"version_value" : "10 Version 1809 for ARM64-based Systems" "version_value": "10 Version 1809 for ARM64-based Systems"
}, },
{ {
"version_value" : "10 Version 1709 for ARM64-based Systems" "version_value": "10 Version 1709 for ARM64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server", "product_name": "Windows Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)" "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
}, },
{ {
"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1" "version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
}, },
{ {
"version_value" : "2008 R2 for x64-based Systems Service Pack 1" "version_value": "2008 R2 for x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)" "version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
}, },
{ {
"version_value" : "2012" "version_value": "2012"
}, },
{ {
"version_value" : "2012 (Core installation)" "version_value": "2012 (Core installation)"
}, },
{ {
"version_value" : "2012 R2" "version_value": "2012 R2"
}, },
{ {
"version_value" : "2012 R2 (Core installation)" "version_value": "2012 R2 (Core installation)"
}, },
{ {
"version_value" : "2016" "version_value": "2016"
}, },
{ {
"version_value" : "2016 (Core installation)" "version_value": "2016 (Core installation)"
}, },
{ {
"version_value" : "version 1709 (Core Installation)" "version_value": "version 1709 (Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Core Installation)" "version_value": "version 1803 (Core Installation)"
}, },
{ {
"version_value" : "2019" "version_value": "2019"
}, },
{ {
"version_value" : "2019 (Core installation)" "version_value": "2019 (Core installation)"
}, },
{ {
"version_value" : "2008 for Itanium-Based Systems Service Pack 2" "version_value": "2008 for Itanium-Based Systems Service Pack 2"
}, },
{ {
"version_value" : "2008 for 32-bit Systems Service Pack 2" "version_value": "2008 for 32-bit Systems Service Pack 2"
}, },
{ {
"version_value" : "2008 for x64-based Systems Service Pack 2" "version_value": "2008 for x64-based Systems Service Pack 2"
}, },
{ {
"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)" "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636" "lang": "eng",
}, "value": "An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'."
{ }
"name" : "106895", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106895" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0636"
},
{
"name": "106895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106895"
}
]
}
}

34
2019/0xxx/CVE-2019-0886.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0886", "ID": "CVE-2019-0886",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1222.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1222", "ID": "CVE-2019-1222",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1268.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1268", "ID": "CVE-2019-1268",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1895.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1895", "ID": "CVE-2019-1895",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1919.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1919", "ID": "CVE-2019-1919",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4673.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4673", "ID": "CVE-2019-4673",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4696.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4696", "ID": "CVE-2019-4696",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4712.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4712", "ID": "CVE-2019-4712",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4718.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4718", "ID": "CVE-2019-4718",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5065.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5065", "ID": "CVE-2019-5065",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5173.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5173", "ID": "CVE-2019-5173",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5227.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5227", "ID": "CVE-2019-5227",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }