admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 18:28:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:46:24 +00:00
parent bf244bee96
commit 1f649968b1
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3545 additions and 3501 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2007/0xxx/CVE-2007-0119.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0119",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070105 Multiple bugs in EditTag",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/456055/100/0/threaded"
},
{
"name" : "21891",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21891"
},
{
"name" : "33390",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33390"
},
{
"name" : "33391",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33391"
},
{
"name" : "33392",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33392"
},
{
"name" : "7950",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/7950"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070105 Multiple bugs in EditTag",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456055/100/0/threaded"
},
{
"name": "33390",
"refsource": "OSVDB",
"url": "http://osvdb.org/33390"
},
{
"name": "33392",
"refsource": "OSVDB",
"url": "http://osvdb.org/33392"
},
{
"name": "7950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7950"
},
{
"name": "21891",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21891"
},
{
"name": "33391",
"refsource": "OSVDB",
"url": "http://osvdb.org/33391"
}
]
}
}

160
2007/0xxx/CVE-2007-0382.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0382",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman) component for Joomla! before 1.0.12 allow remote attackers to execute arbitrary SQL commands via the id parameter, related to the (1) lm_sendMail, (2) saveNewsletter, and (3) cancelNewsletter functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070204 Sql injection bugs in Virtuemart and Letterman",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/459195/100/0/threaded"
},
{
"name" : "20070118 The vulnerabilities festival !",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html"
},
{
"name" : "http://www.hackers.ir/advisories/festival.txt",
"refsource" : "MISC",
"url" : "http://www.hackers.ir/advisories/festival.txt"
},
{
"name" : "22117",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22117"
},
{
"name" : "33688",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33688"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in letterman.class.php in the Letterman 1.2.3 (com_letterman) component for Joomla! before 1.0.12 allow remote attackers to execute arbitrary SQL commands via the id parameter, related to the (1) lm_sendMail, (2) saveNewsletter, and (3) cancelNewsletter functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33688",
"refsource": "OSVDB",
"url": "http://osvdb.org/33688"
},
{
"name": "20070118 The vulnerabilities festival !",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html"
},
{
"name": "22117",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22117"
},
{
"name": "20070204 Sql injection bugs in Virtuemart and Letterman",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459195/100/0/threaded"
},
{
"name": "http://www.hackers.ir/advisories/festival.txt",
"refsource": "MISC",
"url": "http://www.hackers.ir/advisories/festival.txt"
}
]
}
}

170
2007/0xxx/CVE-2007-0415.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0415",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows attackers to bypass intended access restrictions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "BEA07-142.00",
"refsource" : "BEA",
"url" : "http://dev2dev.bea.com/pub/advisory/209"
},
{
"name" : "22082",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22082"
},
{
"name" : "ADV-2007-0213",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0213"
},
{
"name" : "38509",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38509"
},
{
"name" : "1017525",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017525"
},
{
"name" : "23750",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23750"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BEA WebLogic Server 8.1 through 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows attackers to bypass intended access restrictions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38509",
"refsource": "OSVDB",
"url": "http://osvdb.org/38509"
},
{
"name": "1017525",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017525"
},
{
"name": "23750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23750"
},
{
"name": "BEA07-142.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/209"
},
{
"name": "22082",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22082"
},
{
"name": "ADV-2007-0213",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0213"
}
]
}
}

210
2007/0xxx/CVE-2007-0431.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0431",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AVM Fritz!Box 7050, and possibly other product models, allows remote attackers to cause a denial of service (VoIP application crash) via a zero-length UDP packet to the SIP port (port 5060)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/457406/100/0/threaded"
},
{
"name" : "20070123 Re: DoS against AVM Fritz!Box 7050 (and others)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/457829/100/0/threaded"
},
{
"name" : "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0387.html"
},
{
"name" : "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS",
"refsource" : "MISC",
"url" : "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS"
},
{
"name" : "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt"
},
{
"name" : "22130",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22130"
},
{
"name" : "ADV-2007-0272",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0272"
},
{
"name" : "32940",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32940"
},
{
"name" : "23868",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23868"
},
{
"name" : "fritzbox-udp-packet-dos(31633)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31633"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AVM Fritz!Box 7050, and possibly other product models, allows remote attackers to cause a denial of service (VoIP application crash) via a zero-length UDP packet to the SIP port (port 5060)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0387.html"
},
{
"name": "22130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22130"
},
{
"name": "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS",
"refsource": "MISC",
"url": "http://mazzoo.de/blog/2007/01/18#FritzBox_DoS"
},
{
"name": "23868",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23868"
},
{
"name": "ADV-2007-0272",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0272"
},
{
"name": "20070123 Re: DoS against AVM Fritz!Box 7050 (and others)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457829/100/0/threaded"
},
{
"name": "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.avm.de/fritz.box/fritzbox.fon_wlan_7050/firmware/info.txt"
},
{
"name": "fritzbox-udp-packet-dos(31633)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31633"
},
{
"name": "32940",
"refsource": "OSVDB",
"url": "http://osvdb.org/32940"
},
{
"name": "20070119 DoS against AVM Fritz!Box 7050 (and others)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457406/100/0/threaded"
}
]
}
}

140
2007/0xxx/CVE-2007-0594.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0594",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070125 [x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/458081/100/0/threaded"
},
{
"name" : "33590",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33590"
},
{
"name" : "2206",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2206"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Siteman 2.0.x2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing password hashes via a direct request for db/siteman/users.MYD."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070125 [x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458081/100/0/threaded"
},
{
"name": "33590",
"refsource": "OSVDB",
"url": "http://osvdb.org/33590"
},
{
"name": "2206",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2206"
}
]
}
}

170
2007/0xxx/CVE-2007-0797.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0797",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in theme/settings.php in bluevirus-design SMA-DB 0.3.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pfad_z parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0797",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3268",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3268"
},
{
"name" : "22391",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22391"
},
{
"name" : "ADV-2007-0494",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0494"
},
{
"name" : "33096",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33096"
},
{
"name" : "24035",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24035"
},
{
"name" : "smadb-settings-file-include(32190)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32190"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in theme/settings.php in bluevirus-design SMA-DB 0.3.9 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pfad_z parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0494",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0494"
},
{
"name": "24035",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24035"
},
{
"name": "smadb-settings-file-include(32190)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32190"
},
{
"name": "33096",
"refsource": "OSVDB",
"url": "http://osvdb.org/33096"
},
{
"name": "22391",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22391"
},
{
"name": "3268",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3268"
}
]
}
}

160
2007/1xxx/CVE-2007-1600.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1600",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in module.php in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1600",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3533",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3533"
},
{
"name" : "23083",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23083"
},
{
"name" : "ADV-2007-1070",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1070"
},
{
"name" : "37241",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37241"
},
{
"name" : "digital-eye-module-file-include(33115)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33115"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in module.php in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37241",
"refsource": "OSVDB",
"url": "http://osvdb.org/37241"
},
{
"name": "23083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23083"
},
{
"name": "digital-eye-module-file-include(33115)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33115"
},
{
"name": "3533",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3533"
},
{
"name": "ADV-2007-1070",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1070"
}
]
}
}

210
2007/1xxx/CVE-2007-1681.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1681",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070417 n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/466048/100/0/threaded"
},
{
"name" : "http://www.nruns.com/security_advisory_sun_java_format_string.php",
"refsource" : "MISC",
"url" : "http://www.nruns.com/security_advisory_sun_java_format_string.php"
},
{
"name" : "102854",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1"
},
{
"name" : "23539",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23539"
},
{
"name" : "ADV-2007-1443",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1443"
},
{
"name" : "34902",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34902"
},
{
"name" : "oval:org.mitre.oval:def:1252",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252"
},
{
"name" : "1017930",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017930"
},
{
"name" : "24927",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24927"
},
{
"name" : "javawebconsole-libcsyslog-format-string(33731)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33731"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "javawebconsole-libcsyslog-format-string(33731)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33731"
},
{
"name": "102854",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102854-1"
},
{
"name": "1017930",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017930"
},
{
"name": "24927",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24927"
},
{
"name": "ADV-2007-1443",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1443"
},
{
"name": "20070417 n.runs-SA-2007.007 - Sun Solaris 10 - Format string vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466048/100/0/threaded"
},
{
"name": "34902",
"refsource": "OSVDB",
"url": "http://osvdb.org/34902"
},
{
"name": "23539",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23539"
},
{
"name": "http://www.nruns.com/security_advisory_sun_java_format_string.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_sun_java_format_string.php"
},
{
"name": "oval:org.mitre.oval:def:1252",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1252"
}
]
}
}

180
2007/1xxx/CVE-2007-1721.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1721",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) Richtxt_functions.inc.php, (2) adddocfile.php, (3) auth_check.php, (4) browse_current_category.inc.php, (5) docfile_details.php, (6) main.php, (7) mainarticle.php, (8) maindocfile.php, (9) modify.php, (10) new.php, (11) resource_details.php, or (12) smallsearch.php in lib/; or (13) mwiki/LocalSettings.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070327 [ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/463925/100/0/threaded"
},
{
"name" : "3583",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3583"
},
{
"name" : "http://advisories.echo.or.id/adv/adv78-K-159-2007.txt",
"refsource" : "MISC",
"url" : "http://advisories.echo.or.id/adv/adv78-K-159-2007.txt"
},
{
"name" : "23154",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23154"
},
{
"name" : "ADV-2007-1119",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1119"
},
{
"name" : "2491",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2491"
},
{
"name" : "carbre-rootpath-file-include(33238)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33238"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in C-Arbre 0.6PR7 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) Richtxt_functions.inc.php, (2) adddocfile.php, (3) auth_check.php, (4) browse_current_category.inc.php, (5) docfile_details.php, (6) main.php, (7) mainarticle.php, (8) maindocfile.php, (9) modify.php, (10) new.php, (11) resource_details.php, or (12) smallsearch.php in lib/; or (13) mwiki/LocalSettings.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://advisories.echo.or.id/adv/adv78-K-159-2007.txt",
"refsource": "MISC",
"url": "http://advisories.echo.or.id/adv/adv78-K-159-2007.txt"
},
{
"name": "carbre-rootpath-file-include(33238)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33238"
},
{
"name": "ADV-2007-1119",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1119"
},
{
"name": "23154",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23154"
},
{
"name": "20070327 [ECHO_ADV_78$2007] C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463925/100/0/threaded"
},
{
"name": "2491",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2491"
},
{
"name": "3583",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3583"
}
]
}
}

180
2007/1xxx/CVE-2007-1741.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1741",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-1741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070411 Apache HTTPD suEXEC Multiple Vulnerabilities",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511"
},
{
"name" : "[apache-http-dev] 20070328 [Fwd: iDefense Final Notice [IDEF1445]]",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2"
},
{
"name" : "[apache-http-dev] 20070328 Re: [Fwd: iDefense Final Notice [IDEF1445]]",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2"
},
{
"name" : "23438",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23438"
},
{
"name" : "38639",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38639"
},
{
"name" : "1017904",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017904"
},
{
"name" : "apache-suexec-privilege-escalation(33584)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33584"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because \"the attacks described rely on an insecure server configuration\" in which the user \"has write access to the document root.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38639",
"refsource": "OSVDB",
"url": "http://osvdb.org/38639"
},
{
"name": "20070411 Apache HTTPD suEXEC Multiple Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511"
},
{
"name": "[apache-http-dev] 20070328 Re: [Fwd: iDefense Final Notice [IDEF1445]]",
"refsource": "MLIST",
"url": "http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2"
},
{
"name": "apache-suexec-privilege-escalation(33584)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33584"
},
{
"name": "1017904",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017904"
},
{
"name": "23438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23438"
},
{
"name": "[apache-http-dev] 20070328 [Fwd: iDefense Final Notice [IDEF1445]]",
"refsource": "MLIST",
"url": "http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2"
}
]
}
}

160
2007/1xxx/CVE-2007-1764.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1764",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1764",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070329 Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/464148/100/0/threaded"
},
{
"name" : "23196",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23196"
},
{
"name" : "42054",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/42054"
},
{
"name" : "2510",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2510"
},
{
"name" : "faststone-jpg-bo(33485)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33485"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in FastStone Image Viewer 2.8 allows user-assisted remote attackers to execute arbitrary code via a crafted JPG image."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2510",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2510"
},
{
"name": "23196",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23196"
},
{
"name": "42054",
"refsource": "OSVDB",
"url": "http://osvdb.org/42054"
},
{
"name": "faststone-jpg-bo(33485)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33485"
},
{
"name": "20070329 Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464148/100/0/threaded"
}
]
}
}

150
2007/4xxx/CVE-2007-4253.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4253",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2005-4263."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070804 Envolution (News) <= v1.1.0 Remote SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/475654/100/0/threaded"
},
{
"name" : "4256",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4256"
},
{
"name" : "25203",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25203"
},
{
"name" : "39199",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39199"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the News module in modules.php in Envolution 1.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the topic parameter, a different vector than CVE-2005-4263."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25203",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25203"
},
{
"name": "39199",
"refsource": "OSVDB",
"url": "http://osvdb.org/39199"
},
{
"name": "20070804 Envolution (News) <= v1.1.0 Remote SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475654/100/0/threaded"
},
{
"name": "4256",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4256"
}
]
}
}

160
2007/4xxx/CVE-2007-4376.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4376",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070811 Best Top List Remote File Upload Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/476258/100/100/threaded"
},
{
"name" : "25293",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25293"
},
{
"name" : "46401",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/46401"
},
{
"name" : "3019",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3019"
},
{
"name" : "besttoplist-bannerupload-file-upload(35979)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35979"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25293",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25293"
},
{
"name": "46401",
"refsource": "OSVDB",
"url": "http://osvdb.org/46401"
},
{
"name": "3019",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3019"
},
{
"name": "besttoplist-bannerupload-file-upload(35979)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35979"
},
{
"name": "20070811 Best Top List Remote File Upload Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476258/100/100/threaded"
}
]
}
}

420
2007/4xxx/CVE-2007-4752.json
View File

@ -1,212 +1,212 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4752",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070917 FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/479760/100/0/threaded"
},
{
"name" : "20071115 Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/483748/100/200/threaded"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=280471",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=280471"
},
{
"name" : "http://www.openssh.com/txt/release-4.7",
"refsource" : "CONFIRM",
"url" : "http://www.openssh.com/txt/release-4.7"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1706",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1706"
},
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=191321",
"refsource" : "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=191321"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=307562",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm"
},
{
"name" : "APPLE-SA-2008-03-18",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name" : "DSA-1576",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1576"
},
{
"name" : "FEDORA-2007-715",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00214.html"
},
{
"name" : "GLSA-200711-02",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200711-02.xml"
},
{
"name" : "HPSBUX02287",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085"
},
{
"name" : "SSRT071485",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085"
},
{
"name" : "MDKSA-2007:236",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:236"
},
{
"name" : "RHSA-2008:0855",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0855.html"
},
{
"name" : "SUSE-SR:2007:022",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
},
{
"name" : "USN-566-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-566-1"
},
{
"name" : "25628",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25628"
},
{
"name" : "oval:org.mitre.oval:def:5599",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5599"
},
{
"name" : "oval:org.mitre.oval:def:10809",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10809"
},
{
"name" : "ADV-2007-3156",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3156"
},
{
"name" : "ADV-2008-0924",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name" : "ADV-2008-2821",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/2821"
},
{
"name" : "27399",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27399"
},
{
"name" : "29420",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29420"
},
{
"name" : "30249",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30249"
},
{
"name" : "31575",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31575"
},
{
"name" : "32241",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/32241"
},
{
"name" : "3126",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3126"
},
{
"name" : "openssh-x11cookie-privilege-escalation(36637)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36637"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openssh.com/txt/release-4.7",
"refsource": "CONFIRM",
"url": "http://www.openssh.com/txt/release-4.7"
},
{
"name": "GLSA-200711-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-02.xml"
},
{
"name": "oval:org.mitre.oval:def:10809",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10809"
},
{
"name": "DSA-1576",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1576"
},
{
"name": "25628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25628"
},
{
"name": "20070917 FLEA-2007-0055-1 openssh openssh-client openssh-server gnome-ssh-askpass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479760/100/0/threaded"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-399.htm"
},
{
"name": "FEDORA-2007-715",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00214.html"
},
{
"name": "USN-566-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-566-1"
},
{
"name": "3126",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3126"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "ADV-2008-2821",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2821"
},
{
"name": "30249",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30249"
},
{
"name": "ADV-2007-3156",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3156"
},
{
"name": "SSRT071485",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085"
},
{
"name": "31575",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31575"
},
{
"name": "RHSA-2008:0855",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0855.html"
},
{
"name": "MDKSA-2007:236",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:236"
},
{
"name": "oval:org.mitre.oval:def:5599",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5599"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=280471",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=280471"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "20071115 Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483748/100/200/threaded"
},
{
"name": "HPSBUX02287",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01271085"
},
{
"name": "27399",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27399"
},
{
"name": "openssh-x11cookie-privilege-escalation(36637)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36637"
},
{
"name": "https://issues.rpath.com/browse/RPL-1706",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1706"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=191321",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=191321"
},
{
"name": "SUSE-SR:2007:022",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
},
{
"name": "32241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32241"
}
]
}
}

160
2007/5xxx/CVE-2007-5436.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5436",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not marked as safe for scripting."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071010 [ELEYTT] 10PAZDZIERNIK2007",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
},
{
"name" : "http://www.eleytt.com/advisories/eleytt_GDATA2007_1.pdf",
"refsource" : "MISC",
"url" : "http://www.eleytt.com/advisories/eleytt_GDATA2007_1.pdf"
},
{
"name" : "26008",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26008"
},
{
"name" : "42476",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/42476"
},
{
"name" : "3219",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3219"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not marked as safe for scripting."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.eleytt.com/advisories/eleytt_GDATA2007_1.pdf",
"refsource": "MISC",
"url": "http://www.eleytt.com/advisories/eleytt_GDATA2007_1.pdf"
},
{
"name": "3219",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3219"
},
{
"name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
},
{
"name": "42476",
"refsource": "OSVDB",
"url": "http://osvdb.org/42476"
},
{
"name": "26008",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26008"
}
]
}
}

34
2015/2xxx/CVE-2015-2201.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2201",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2201",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

260
2015/2xxx/CVE-2015-2582.json
View File

@ -1,132 +1,132 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2582",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2582",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "DSA-3308",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3308"
},
{
"name" : "DSA-3311",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3311"
},
{
"name" : "GLSA-201610-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-06"
},
{
"name" : "RHSA-2015:1630",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1630.html"
},
{
"name" : "RHSA-2015:1629",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name" : "RHSA-2015:1628",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name" : "RHSA-2015:1646",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1646.html"
},
{
"name" : "RHSA-2015:1647",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"name" : "RHSA-2015:1665",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
},
{
"name" : "openSUSE-SU-2015:1629",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"
},
{
"name" : "USN-2674-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2674-1"
},
{
"name" : "75751",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75751"
},
{
"name" : "1032911",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032911"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to GIS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "75751",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75751"
},
{
"name": "1032911",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032911"
},
{
"name": "RHSA-2015:1646",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"
},
{
"name": "DSA-3308",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3308"
},
{
"name": "openSUSE-SU-2015:1629",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"
},
{
"name": "DSA-3311",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3311"
},
{
"name": "RHSA-2015:1647",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "RHSA-2015:1628",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
},
{
"name": "USN-2674-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2674-1"
},
{
"name": "GLSA-201610-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-06"
},
{
"name": "RHSA-2015:1630",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html"
},
{
"name": "RHSA-2015:1629",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html"
},
{
"name": "RHSA-2015:1665",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html"
}
]
}
}

130
2015/2xxx/CVE-2015-2814.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2814",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt) does not properly restrict access, which allows remote attackers to change the backendurl, clientid, ssourl, and infopageurl settings via unspecified vectors, aka SAP Security Note 2117079."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://erpscan.io/advisories/erpscan-15-002-sap-mobile-healthcare-emr-v2-unauthorized-access/",
"refsource" : "MISC",
"url" : "https://erpscan.io/advisories/erpscan-15-002-sap-mobile-healthcare-emr-v2-unauthorized-access/"
},
{
"name" : "73701",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73701"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt) does not properly restrict access, which allows remote attackers to change the backendurl, clientid, ssourl, and infopageurl settings via unspecified vectors, aka SAP Security Note 2117079."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://erpscan.io/advisories/erpscan-15-002-sap-mobile-healthcare-emr-v2-unauthorized-access/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-002-sap-mobile-healthcare-emr-v2-unauthorized-access/"
},
{
"name": "73701",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73701"
}
]
}
}

130
2015/2xxx/CVE-2015-2979.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2979",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "JVN#17522792",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN17522792/index.html"
},
{
"name" : "JVNDB-2015-000109",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000109"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary OS commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#17522792",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN17522792/index.html"
},
{
"name": "JVNDB-2015-000109",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000109"
}
]
}
}

190
2015/3xxx/CVE-2015-3100.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3100",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html"
},
{
"name" : "GLSA-201506-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201506-01"
},
{
"name" : "RHSA-2015:1086",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1086.html"
},
{
"name" : "SUSE-SU-2015:1043",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html"
},
{
"name" : "openSUSE-SU-2015:1047",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html"
},
{
"name" : "openSUSE-SU-2015:1061",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html"
},
{
"name" : "75085",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75085"
},
{
"name" : "1032519",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032519"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html"
},
{
"name": "1032519",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032519"
},
{
"name": "openSUSE-SU-2015:1047",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html"
},
{
"name": "GLSA-201506-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-01"
},
{
"name": "SUSE-SU-2015:1043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html"
},
{
"name": "openSUSE-SU-2015:1061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html"
},
{
"name": "75085",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75085"
},
{
"name": "RHSA-2015:1086",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1086.html"
}
]
}
}

210
2015/3xxx/CVE-2015-3247.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3247",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[Spice-devel] 20151006 Announcing spice 0.12.6",
"refsource" : "MLIST",
"url" : "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html"
},
{
"name" : "DSA-3354",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3354"
},
{
"name" : "RHSA-2015:1713",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1713.html"
},
{
"name" : "RHSA-2015:1714",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1714.html"
},
{
"name" : "RHSA-2015:1715",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1715.html"
},
{
"name" : "openSUSE-SU-2015:1566",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html"
},
{
"name" : "USN-2736-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2736-1"
},
{
"name" : "1033459",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033459"
},
{
"name" : "1033460",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033460"
},
{
"name" : "1033753",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033753"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2736-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2736-1"
},
{
"name": "DSA-3354",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3354"
},
{
"name": "RHSA-2015:1715",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1715.html"
},
{
"name": "[Spice-devel] 20151006 Announcing spice 0.12.6",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/spice-devel/2015-October/022191.html"
},
{
"name": "openSUSE-SU-2015:1566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00018.html"
},
{
"name": "1033460",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033460"
},
{
"name": "1033459",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033459"
},
{
"name": "1033753",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033753"
},
{
"name": "RHSA-2015:1714",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1714.html"
},
{
"name": "RHSA-2015:1713",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1713.html"
}
]
}
}

130
2015/3xxx/CVE-2015-3832.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3832",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-3832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)",
"refsource" : "MLIST",
"url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ"
},
{
"name" : "https://android.googlesource.com/platform/frameworks/av/+/d48f0f145f8f0f4472bc0af668ac9a8bce44ba9b",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/d48f0f145f8f0f4472bc0af668ac9a8bce44ba9b"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/frameworks/av/+/d48f0f145f8f0f4472bc0af668ac9a8bce44ba9b",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/av/+/d48f0f145f8f0f4472bc0af668ac9a8bce44ba9b"
},
{
"name": "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ"
}
]
}
}

34
2015/6xxx/CVE-2015-6884.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6884",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-6884",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

170
2015/6xxx/CVE-2015-6983.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6983",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-6983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT205370",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205370"
},
{
"name" : "https://support.apple.com/HT205375",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205375"
},
{
"name" : "APPLE-SA-2015-10-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
},
{
"name" : "APPLE-SA-2015-10-21-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"name" : "77263",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77263"
},
{
"name" : "1033929",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033929"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that accesses AtomicBufferedFile descriptors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2015-10-21-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html"
},
{
"name": "APPLE-SA-2015-10-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html"
},
{
"name": "https://support.apple.com/HT205375",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205375"
},
{
"name": "https://support.apple.com/HT205370",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205370"
},
{
"name": "77263",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77263"
},
{
"name": "1033929",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033929"
}
]
}
}

130
2015/7xxx/CVE-2015-7271.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org",
"ID" : "CVE-2015-7271",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Dell Integrated Remote Access Controller (iDRAC)",
"version" : {
"version_data" : [
{
"version_value" : "Dell Integrated Remote Access Controller (iDRAC)"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "format string"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-7271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Dell Integrated Remote Access Controller (iDRAC)",
"version": {
"version_data": [
{
"version_value": "Dell Integrated Remote Access Controller (iDRAC)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859",
"refsource" : "MISC",
"url" : "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859"
},
{
"name" : "97561",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97561"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "format string"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859",
"refsource": "MISC",
"url": "http://en.community.dell.com/techcenter/extras/m/white_papers/20441859"
},
{
"name": "97561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97561"
}
]
}
}

130
2015/7xxx/CVE-2015-7859.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7859",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7859",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://developer.joomla.org/security-centre/629-20151002-core-acl-violations.html",
"refsource" : "CONFIRM",
"url" : "http://developer.joomla.org/security-centre/629-20151002-core-acl-violations.html"
},
{
"name" : "1033950",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033950"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033950",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033950"
},
{
"name": "http://developer.joomla.org/security-centre/629-20151002-core-acl-violations.html",
"refsource": "CONFIRM",
"url": "http://developer.joomla.org/security-centre/629-20151002-core-acl-violations.html"
}
]
}
}

150
2016/0xxx/CVE-2016-0425.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0425",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Monitoring and Diagnostics."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160825 Onapsis Security Advisory ONAPSIS-2016-00171: JD Edwards Server Manager Password Disclosure",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/Aug/129"
},
{
"name" : "http://packetstormsecurity.com/files/138511/JD-Edwards-9.1-EnterpriseOne-Server-Password-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/138511/JD-Edwards-9.1-EnterpriseOne-Server-Password-Disclosure.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "1034722",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034722"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Monitoring and Diagnostics."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160825 Onapsis Security Advisory ONAPSIS-2016-00171: JD Edwards Server Manager Password Disclosure",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Aug/129"
},
{
"name": "1034722",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034722"
},
{
"name": "http://packetstormsecurity.com/files/138511/JD-Edwards-9.1-EnterpriseOne-Server-Password-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138511/JD-Edwards-9.1-EnterpriseOne-Server-Password-Disclosure.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
}
]
}
}

130
2016/0xxx/CVE-2016-0541.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0541",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors related to UI Servlet, a different vulnerability than CVE-2016-0540."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "1034727",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034727"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect confidentiality via unknown vectors related to UI Servlet, a different vulnerability than CVE-2016-0540."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034727",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034727"
}
]
}
}

330
2016/0xxx/CVE-2016-0640.json
View File

@ -1,167 +1,167 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0640",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/",
"refsource" : "CONFIRM",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/"
},
{
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/",
"refsource" : "CONFIRM",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/"
},
{
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/",
"refsource" : "CONFIRM",
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name" : "DSA-3595",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3595"
},
{
"name" : "DSA-3557",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3557"
},
{
"name" : "RHSA-2016:0705",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
},
{
"name" : "RHSA-2016:1602",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html"
},
{
"name" : "RHSA-2016:1132",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1132"
},
{
"name" : "RHSA-2016:1480",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
},
{
"name" : "RHSA-2016:1481",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html"
},
{
"name" : "openSUSE-SU-2016:1686",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html"
},
{
"name" : "SUSE-SU-2016:1619",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html"
},
{
"name" : "SUSE-SU-2016:1620",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html"
},
{
"name" : "openSUSE-SU-2016:1664",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html"
},
{
"name" : "SUSE-SU-2016:1279",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html"
},
{
"name" : "openSUSE-SU-2016:1332",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html"
},
{
"name" : "USN-2953-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2953-1"
},
{
"name" : "86427",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/86427"
},
{
"name" : "1035606",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035606"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect integrity and availability via vectors related to DML."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1620",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html"
},
{
"name": "RHSA-2016:1481",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/"
},
{
"name": "RHSA-2016:1132",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1132"
},
{
"name": "86427",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86427"
},
{
"name": "1035606",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035606"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "USN-2953-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2953-1"
},
{
"name": "openSUSE-SU-2016:1332",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/"
},
{
"name": "SUSE-SU-2016:1619",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html"
},
{
"name": "RHSA-2016:1480",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
},
{
"name": "openSUSE-SU-2016:1664",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168"
},
{
"name": "DSA-3557",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3557"
},
{
"name": "RHSA-2016:1602",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html"
},
{
"name": "DSA-3595",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3595"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "openSUSE-SU-2016:1686",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html"
},
{
"name": "RHSA-2016:0705",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
},
{
"name": "SUSE-SU-2016:1279",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html"
}
]
}
}

120
2016/0xxx/CVE-2016-0851.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0851",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000037.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000037",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000037",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2016/1xxx/CVE-2016-1489.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1489",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name" : "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/Jan/67"
},
{
"name" : "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource" : "MISC",
"url" : "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name" : "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name" : "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource" : "CONFIRM",
"url" : "https://support.lenovo.com/us/en/product_security/len_4058"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48_ww for Android transfer files in cleartext, which allows remote attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135378/Lenovo-ShareIT-Information-Disclosure-Hardcoded-Password.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/len_4058",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4058"
},
{
"name": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537365/100/0/threaded"
},
{
"name": "20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/67"
}
]
}
}

140
2016/4xxx/CVE-2016-4256.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4256",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html"
},
{
"name" : "92928",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92928"
},
{
"name" : "1036793",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036793"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036793",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036793"
},
{
"name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html"
},
{
"name": "92928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92928"
}
]
}
}

160
2016/4xxx/CVE-2016-4346.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4346",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160428 [CVE Requests] PHP issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/04/28/2"
},
{
"name" : "http://php.net/ChangeLog-7.php",
"refsource" : "CONFIRM",
"url" : "http://php.net/ChangeLog-7.php"
},
{
"name" : "https://bugs.php.net/bug.php?id=71637",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=71637"
},
{
"name" : "openSUSE-SU-2016:1524",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"name" : "openSUSE-SU-2016:1357",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the str_pad function in ext/standard/string.c in PHP before 7.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1524",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00027.html"
},
{
"name": "https://bugs.php.net/bug.php?id=71637",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=71637"
},
{
"name": "[oss-security] 20160428 [CVE Requests] PHP issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/28/2"
},
{
"name": "http://php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-7.php"
},
{
"name": "openSUSE-SU-2016:1357",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00086.html"
}
]
}
}

130
2016/4xxx/CVE-2016-4367.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4367",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05164813",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05164813"
},
{
"name" : "1036050",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036050"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Universal Discovery component in HPE Universal CMDB 10.0, 10.01, 10.10, 10.11, 10.20, and 10.21 allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036050"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05164813",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05164813"
}
]
}
}

140
2016/4xxx/CVE-2016-4906.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4906",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Cybozu Garoon",
"version" : {
"version_data" : [
{
"version_value" : "3.0.0 to 4.2.2"
}
]
}
}
]
},
"vendor_name" : "Cybozu, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via \"Messages\" function of Cybozu Garoon Keitai."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site scripting"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "3.0.0 to 4.2.2"
}
]
}
}
]
},
"vendor_name": "Cybozu, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.cybozu.com/ja-jp/article/9511",
"refsource" : "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/9511"
},
{
"name" : "JVN#12281353",
"refsource" : "JVN",
"url" : "https://jvn.jp/en/jp/JVN12281353/index.html"
},
{
"name" : "94969",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94969"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via \"Messages\" function of Cybozu Garoon Keitai."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94969",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94969"
},
{
"name": "https://support.cybozu.com/ja-jp/article/9511",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/9511"
},
{
"name": "JVN#12281353",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN12281353/index.html"
}
]
}
}

34
2019/0xxx/CVE-2019-0399.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0399",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0399",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

240
2019/0xxx/CVE-2019-0664.json
View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0664",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Windows",
"version" : {
"version_data" : [
{
"version_value" : "7 for 32-bit Systems Service Pack 1"
},
{
"version_value" : "7 for x64-based Systems Service Pack 1"
},
{
"version_value" : "8.1 for 32-bit systems"
},
{
"version_value" : "8.1 for x64-based systems"
},
{
"version_value" : "RT 8.1"
}
]
}
},
{
"product_name" : "Windows Server",
"version" : {
"version_data" : [
{
"version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value" : "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value" : "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value" : "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value" : "2012"
},
{
"version_value" : "2012 (Core installation)"
},
{
"version_value" : "2012 R2"
},
{
"version_value" : "2012 R2 (Core installation)"
},
{
"version_value" : "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value" : "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value" : "2008 for x64-based Systems Service Pack 2"
},
{
"version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Windows",
"version": {
"version_data": [
{
"version_value": "7 for 32-bit Systems Service Pack 1"
},
{
"version_value": "7 for x64-based Systems Service Pack 1"
},
{
"version_value": "8.1 for 32-bit systems"
},
{
"version_value": "8.1 for x64-based systems"
},
{
"version_value": "RT 8.1"
}
]
}
},
{
"product_name": "Windows Server",
"version": {
"version_data": [
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
},
{
"version_value": "2008 R2 for Itanium-Based Systems Service Pack 1"
},
{
"version_value": "2008 R2 for x64-based Systems Service Pack 1"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2 (Core installation)"
},
{
"version_value": "2012"
},
{
"version_value": "2012 (Core installation)"
},
{
"version_value": "2012 R2"
},
{
"version_value": "2012 R2 (Core installation)"
},
{
"version_value": "2008 for Itanium-Based Systems Service Pack 2"
},
{
"version_value": "2008 for 32-bit Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2"
},
{
"version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664"
},
{
"name" : "106862",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106862"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106862"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0664"
}
]
}
}

34
2019/0xxx/CVE-2019-0930.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0930",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0930",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3191.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3191",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3191",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3377.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3377",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3377",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3457.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3457",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3457",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3900.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3900",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3900",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4529.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4529",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4529",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4550.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4550",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4550",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4962.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4962",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4962",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7060.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7060",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7060",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

78
2019/7xxx/CVE-2019-7223.json
View File

@ -1,18 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7223",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7223",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save invoice_password parameter, aka the \"PDF password\" field to the \"Create Invoice\" option. The XSS payload is rendered at an index.php/invoices/view/## URI. NOTE: this is different from CVE-2018-12255."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://cxsecurity.com/issue/WLB-2019020191",
"url": "https://cxsecurity.com/issue/WLB-2019020191"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}
}

34
2019/7xxx/CVE-2019-7511.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7511",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7511",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7688.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7688",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7688",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8059.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8059",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8059",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8247.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8247",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8247",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8340.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8340",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8340",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8806.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8806",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8806",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/8xxx/CVE-2019-8984.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8984",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/",
"refsource" : "MISC",
"url" : "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/",
"refsource": "MISC",
"url": "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/"
}
]
}
}

34
2019/9xxx/CVE-2019-9043.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9043",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9043",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9231.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9231",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9231",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9458.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9458",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9458",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2019/9xxx/CVE-2019-9738.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9738",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '<EMBED SRC=\"data:image/svg+xml' substring."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/jimmykuu/gopher/issues/88",
"refsource" : "MISC",
"url" : "https://github.com/jimmykuu/gopher/issues/88"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '<EMBED SRC=\"data:image/svg+xml' substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jimmykuu/gopher/issues/88",
"refsource": "MISC",
"url": "https://github.com/jimmykuu/gopher/issues/88"
}
]
}
}