admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:25:58 +00:00
parent 9f16d0912b
commit 20fc5552f3
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 3869 additions and 3869 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
1999/0xxx/CVE-1999-0363.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0363", "ID": "CVE-1999-0363",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "328", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/328" "lang": "eng",
} "value": "SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "328",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/328"
}
]
}
} }

118
1999/0xxx/CVE-1999-0447.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0447", "ID": "CVE-1999-0447",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Local users can gain privileges using the debug utility in the MPE/iX operating system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMP9904-006", "description_data": [
"refsource" : "HP", {
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMP9904-006" "lang": "eng",
} "value": "Local users can gain privileges using the debug utility in the MPE/iX operating system."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMP9904-006",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMP9904-006"
}
]
}
} }

118
1999/1xxx/CVE-1999-1315.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1315", "ID": "CVE-1999-1315",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "F-04", "description_data": [
"refsource" : "CIAC", {
"url" : "http://ciac.llnl.gov/ciac/bulletins/f-04.shtml" "lang": "eng",
} "value": "Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "F-04",
"refsource": "CIAC",
"url": "http://ciac.llnl.gov/ciac/bulletins/f-04.shtml"
}
]
}
} }

128
1999/1xxx/CVE-1999-1455.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1455", "ID": "CVE-1999-1455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "Q158320", "description_data": [
"refsource" : "MSKB", {
"url" : "http://support.microsoft.com/support/kb/articles/q158/3/20.asp" "lang": "eng",
}, "value": "RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host."
{ }
"name" : "nt-rshsvc-ale-bypass(7422)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7422" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "nt-rshsvc-ale-bypass(7422)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7422"
},
{
"name": "Q158320",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/q158/3/20.asp"
}
]
}
} }

128
2000/0xxx/CVE-2000-0062.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0062", "ID": "CVE-2000-0062",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000104 [petrilli@digicool.com: [Zope] SECURITY ALERT]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000104222219.B41650@schvin.net" "lang": "eng",
}, "value": "The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities."
{ }
"name" : "922", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/922" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000104 [petrilli@digicool.com: [Zope] SECURITY ALERT]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000104222219.B41650@schvin.net"
},
{
"name": "922",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/922"
}
]
}
} }

148
2000/0xxx/CVE-2000-0205.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0205", "ID": "CVE-2000-0205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000303 TrendMicro OfficeScan, numerous security holes, remote files modification.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0015.html" "lang": "eng",
}, "value": "Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients."
{ }
"name" : "20000315 Trend Micro release patch for \"OfficeScan DoS & Message Replay\" V ulnerabilies", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=D129BBE1730AD2118A0300805FC1C2FE038AF28B@209-76-212-10.trendmicro.com" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.antivirus.com/download/ofce_patch_35.htm", "description": [
"refsource" : "MISC", {
"url" : "http://www.antivirus.com/download/ofce_patch_35.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1013", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1013" ]
} },
] "references": {
} "reference_data": [
{
"name": "20000303 TrendMicro OfficeScan, numerous security holes, remote files modification.",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0015.html"
},
{
"name": "20000315 Trend Micro release patch for \"OfficeScan DoS & Message Replay\" V ulnerabilies",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=D129BBE1730AD2118A0300805FC1C2FE038AF28B@209-76-212-10.trendmicro.com"
},
{
"name": "http://www.antivirus.com/download/ofce_patch_35.htm",
"refsource": "MISC",
"url": "http://www.antivirus.com/download/ofce_patch_35.htm"
},
{
"name": "1013",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1013"
}
]
}
} }

138
2000/0xxx/CVE-2000-0328.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0328", "ID": "CVE-2000-0328",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990824 NT Predictable Initial TCP Sequence numbers - changes observed with SP4", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.19990824165629.00abcb40@192.168.124.1" "lang": "eng",
}, "value": "Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote attackers to perform spoofing and session hijacking."
{ }
"name" : "MS99-046", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-046" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "604", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/604" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/604"
},
{
"name": "19990824 NT Predictable Initial TCP Sequence numbers - changes observed with SP4",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.19990824165629.00abcb40@192.168.124.1"
},
{
"name": "MS99-046",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-046"
}
]
}
} }

138
2000/0xxx/CVE-2000-0359.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0359", "ID": "CVE-2000-0359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991113 thttpd 2.04 stack overflow (VD#6)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/1626.html" "lang": "eng",
}, "value": "Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header."
{ }
"name" : "19991116 Security hole in thttpd 1.90a - 2.04", ]
"refsource" : "SUSE", },
"url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_30.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1248", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1248" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1248"
},
{
"name": "19991116 Security hole in thttpd 1.90a - 2.04",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_30.html"
},
{
"name": "19991113 thttpd 2.04 stack overflow (VD#6)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/1626.html"
}
]
}
} }

128
2000/0xxx/CVE-2000-0438.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0438", "ID": "CVE-2000-0438",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000522 fdmount buffer overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html" "lang": "eng",
}, "value": "Buffer overflow in fdmount on Linux systems allows local users in the \"floppy\" group to execute arbitrary commands via a long mountpoint parameter."
{ }
"name" : "1239", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1239" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1239"
},
{
"name": "20000522 fdmount buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0245.html"
}
]
}
} }

138
2000/0xxx/CVE-2000-0495.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0495", "ID": "CVE-2000-0495",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the \"Malformed Windows Media Encoder Request\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS00-038", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-038" "lang": "eng",
}, "value": "Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the \"Malformed Windows Media Encoder Request\" vulnerability."
{ }
"name" : "1282", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1282" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ms-malformed-media-dos(4585)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4585" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "MS00-038",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-038"
},
{
"name": "1282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1282"
},
{
"name": "ms-malformed-media-dos(4585)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4585"
}
]
}
} }

138
2000/0xxx/CVE-2000-0517.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0517", "ID": "CVE-2000-0517",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CA-2000-08", "description_data": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-2000-08.html" "lang": "eng",
}, "value": "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information."
{ }
"name" : "1260", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1260" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "netscape-ssl-certificate(4550)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-ssl-certificate(4550)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"name": "1260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1260"
},
{
"name": "CA-2000-08",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-08.html"
}
]
}
} }

138
2000/0xxx/CVE-2000-0827.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0827", "ID": "CVE-2000-0827",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "A090800-1", "description_data": [
"refsource" : "ATSTAKE", {
"url" : "http://www.atstake.com/research/advisories/2000/a090800-1.txt" "lang": "eng",
}, "value": "Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username."
{ }
"name" : "1657", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1657" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "documentdirect-username-bo(5211)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5211" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "documentdirect-username-bo(5211)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5211"
},
{
"name": "1657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1657"
},
{
"name": "A090800-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2000/a090800-1.txt"
}
]
}
} }

158
2007/1xxx/CVE-2007-1094.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1094", "ID": "CVE-2007-1094",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070223 Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/461024/100/0/threaded" "lang": "eng",
}, "value": "Microsoft Internet Explorer 7 allows remote attackers to cause a denial of service (NULL dereference and application crash) via JavaScript onUnload handlers that modify the structure of a document."
{ }
"name" : "22678", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22678" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45248", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45248" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2302", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2302" ]
}, },
{ "references": {
"name" : "ie-mozilla-onunload-dos(32647)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32647" "name": "45248",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/45248"
} },
{
"name": "ie-mozilla-onunload-dos(32647)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32647"
},
{
"name": "2302",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2302"
},
{
"name": "22678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22678"
},
{
"name": "20070223 Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461024/100/0/threaded"
}
]
}
} }

468
2007/1xxx/CVE-2007-1358.json
View File

@ -1,237 +1,237 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-1358", "ID": "CVE-2007-1358",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted \"Accept-Language headers that do not conform to RFC 2616\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471719/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted \"Accept-Language headers that do not conform to RFC 2616\"."
{ }
"name" : "20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/500412/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/500396/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://tomcat.apache.org/security-4.html", ]
"refsource" : "CONFIRM", }
"url" : "http://tomcat.apache.org/security-4.html" ]
}, },
{ "references": {
"name" : "http://docs.info.apple.com/article.html?artnum=306172", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=306172" "name": "http://tomcat.apache.org/security-4.html",
}, "refsource": "CONFIRM",
{ "url": "http://tomcat.apache.org/security-4.html"
"name" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html" "name": "30908",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30908"
"name" : "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx", },
"refsource" : "CONFIRM", {
"url" : "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx" "name": "25721",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25721"
"name" : "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540", },
"refsource" : "CONFIRM", {
"url" : "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540" "name": "ADV-2007-2732",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2732"
"name" : "APPLE-SA-2007-07-31", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" "name": "RHSA-2008:0630",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2008-0630.html"
"name" : "FEDORA-2007-3456", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html" "name": "239312",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1"
"name" : "HPSBUX02262", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" "name": "ADV-2007-3087",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3087"
"name" : "SSRT071447", },
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795" "name": "30899",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30899"
"name" : "RHSA-2008:0261", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0261.html" "name": "FEDORA-2007-3456",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00525.html"
"name" : "RHSA-2008:0630", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2008-0630.html" "name": "31493",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31493"
"name" : "239312", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239312-1" "name": "ADV-2008-1979",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1979/references"
"name" : "JVN#16535199", },
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2316535199/index.html" "name": "APPLE-SA-2007-07-31",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
"name" : "24524", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24524" "name": "20090127 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/500412/100/0/threaded"
"name" : "25159", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25159" "name": "33668",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/33668"
"name" : "34881", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34881" "name": "20090124 CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/500396/100/0/threaded"
"name" : "oval:org.mitre.oval:def:10679", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679" "name": "ADV-2007-1729",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1729"
"name" : "ADV-2007-1729", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1729" "name": "34881",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34881"
"name" : "ADV-2007-2732", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2732" "name": "24524",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24524"
"name" : "ADV-2007-3087", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3087" "name": "ADV-2009-0233",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/0233"
"name" : "ADV-2007-3386", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3386" "name": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-200704e.html"
"name" : "ADV-2008-1979", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1979/references" "name": "oval:org.mitre.oval:def:10679",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10679"
"name" : "ADV-2009-0233", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0233" "name": "ADV-2007-3386",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3386"
"name" : "1018269", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018269" "name": "20070618 [CVE-2007-1358] Apache Tomcat XSS vulnerability in Accept-Language header processing",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/471719/100/0/threaded"
"name" : "25721", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25721" "name": "27037",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27037"
"name" : "26235", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26235" "name": "http://docs.info.apple.com/article.html?artnum=306172",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=306172"
"name" : "26660", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26660" "name": "SSRT071447",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
"name" : "27037", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27037" "name": "27727",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27727"
"name" : "27727", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27727" "name": "HPSBUX02262",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795"
"name" : "30908", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30908" "name": "JVN#16535199",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2316535199/index.html"
"name" : "30899", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30899" "name": "25159",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25159"
"name" : "31493", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31493" "name": "26660",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26660"
"name" : "33668", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33668" "name": "RHSA-2008:0261",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
} },
{
"name": "1018269",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018269"
},
{
"name": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx",
"refsource": "CONFIRM",
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/23.aspx"
},
{
"name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540",
"refsource": "CONFIRM",
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197540"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
} }

158
2007/1xxx/CVE-2007-1569.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1569", "ID": "CVE-2007-1569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in NewsBin Pro 4.32 allows remote attackers to cause a denial of service or execute arbitrary code via a yEnc (yEncode) encoded article with a long filename, as demonstrated using a .nzb file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3464", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3464" "lang": "eng",
}, "value": "Stack-based buffer overflow in NewsBin Pro 4.32 allows remote attackers to cause a denial of service or execute arbitrary code via a yEnc (yEncode) encoded article with a long filename, as demonstrated using a .nzb file. NOTE: some of these details are obtained from third party information."
{ }
"name" : "22940", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22940" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0935", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0935" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34003", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34003" ]
}, },
{ "references": {
"name" : "24491", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24491" "name": "24491",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24491"
} },
{
"name": "22940",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22940"
},
{
"name": "34003",
"refsource": "OSVDB",
"url": "http://osvdb.org/34003"
},
{
"name": "ADV-2007-0935",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0935"
},
{
"name": "3464",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3464"
}
]
}
} }

218
2007/5xxx/CVE-2007-5372.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5372", "ID": "CVE-2007-5372",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071009 LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/481866/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field."
{ }
"name" : "http://www.ledgersmb.org/node/54", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ledgersmb.org/node/54" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25979", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25979" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-3453", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/3453" ]
}, },
{ "references": {
"name" : "37865", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37865" "name": "27159",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27159"
"name" : "37866", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37866" "name": "ledgersmb-unspecified-sql-injection(37032)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37032"
"name" : "27159", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27159" "name": "20071009 LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/481866/100/0/threaded"
"name" : "27171", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27171" "name": "37865",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37865"
"name" : "3209", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3209" "name": "sqlledger-unspecified-sql-injection(37033)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37033"
"name" : "ledgersmb-unspecified-sql-injection(37032)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37032" "name": "ADV-2007-3453",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3453"
"name" : "sqlledger-unspecified-sql-injection(37033)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37033" "name": "3209",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/3209"
} },
{
"name": "25979",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25979"
},
{
"name": "37866",
"refsource": "OSVDB",
"url": "http://osvdb.org/37866"
},
{
"name": "http://www.ledgersmb.org/node/54",
"refsource": "CONFIRM",
"url": "http://www.ledgersmb.org/node/54"
},
{
"name": "27171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27171"
}
]
}
} }

198
2007/5xxx/CVE-2007-5383.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5383", "ID": "CVE-2007-5383",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka \"double-slash auth bypass.\" NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071008 BT Home Flub: Pwnin the BT Home Hub", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/481835/100/0/threaded" "lang": "eng",
}, "value": "The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka \"double-slash auth bypass.\" NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues."
{ }
"name" : "20080301 The Router Hacking Challenge is Over!", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/489009/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub", "description": [
"refsource" : "MISC", {
"url" : "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/", ]
"refsource" : "MISC", }
"url" : "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/" ]
}, },
{ "references": {
"name" : "http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/" "name": "http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/",
}, "refsource": "MISC",
{ "url": "http://www.gnucitizen.org/blog/holes-in-embedded-devices-authentication-bypass-pt-1/"
"name" : "http://www.gnucitizen.org/projects/router-hacking-challenge/", },
"refsource" : "MISC", {
"url" : "http://www.gnucitizen.org/projects/router-hacking-challenge/" "name": "20080301 The Router Hacking Challenge is Over!",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/489009/100/0/threaded"
"name" : "25972", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25972" "name": "http://www.gnucitizen.org/projects/router-hacking-challenge/",
}, "refsource": "MISC",
{ "url": "http://www.gnucitizen.org/projects/router-hacking-challenge/"
"name" : "3213", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3213" "name": "3213",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3213"
"name" : "bthomehub-cgib-auth-bypass(41271)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41271" "name": "25972",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/25972"
} },
{
"name": "bthomehub-cgib-auth-bypass(41271)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41271"
},
{
"name": "20071008 BT Home Flub: Pwnin the BT Home Hub",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481835/100/0/threaded"
},
{
"name": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub",
"refsource": "MISC",
"url": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub"
},
{
"name": "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/",
"refsource": "MISC",
"url": "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/"
}
]
}
} }

198
2007/5xxx/CVE-2007-5512.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5512", "ID": "CVE-2007-5512",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10.2.0.3 has unknown impact and remote attack vectors, aka DB21."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10.2.0.3 has unknown impact and remote attack vectors, aka DB21."
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT061201", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA07-290A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" ]
}, },
{ "references": {
"name" : "ADV-2007-3524", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3524" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name" : "ADV-2007-3626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3626" "name": "ADV-2007-3524",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3524"
"name" : "1018823", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018823" "name": "ADV-2007-3626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3626"
"name" : "27251", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27251" "name": "TA07-290A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name" : "27409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27409" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
} },
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}
} }

198
2007/5xxx/CVE-2007-5526.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5526", "ID": "CVE-2007-5526",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11."
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT061201", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA07-290A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" ]
}, },
{ "references": {
"name" : "ADV-2007-3524", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3524" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name" : "ADV-2007-3626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3626" "name": "ADV-2007-3524",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3524"
"name" : "1018823", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018823" "name": "ADV-2007-3626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3626"
"name" : "27251", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27251" "name": "TA07-290A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name" : "27409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27409" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
} },
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}
} }

32
2015/3xxx/CVE-2015-3524.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3524", "ID": "CVE-2015-3524",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2015/3xxx/CVE-2015-3563.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3563", "ID": "CVE-2015-3563",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2015/3xxx/CVE-2015-3849.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-3849", "ID": "CVE-2015-3849",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before 5.1.1 LMY48M does not check the return values of certain read operations, which allows attackers to execute arbitrary code via an application that sends a crafted message to a service, aka internal bug 21585255."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[android-security-updates] 20150909 Nexus Security Bulletin (September 2015)", "description_data": [
"refsource" : "MLIST", {
"url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ" "lang": "eng",
}, "value": "The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before 5.1.1 LMY48M does not check the return values of certain read operations, which allows attackers to execute arbitrary code via an application that sends a crafted message to a service, aka internal bug 21585255."
{ }
"name" : "https://android.googlesource.com/platform/frameworks/base/+/1e72dc7a3074cd0b44d89afbf39bbf5000ef7cc3", ]
"refsource" : "CONFIRM", },
"url" : "https://android.googlesource.com/platform/frameworks/base/+/1e72dc7a3074cd0b44d89afbf39bbf5000ef7cc3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://android.googlesource.com/platform/frameworks/base/+/4cff1f49ff95d990d6c2614da5d5a23d02145885", "description": [
"refsource" : "CONFIRM", {
"url" : "https://android.googlesource.com/platform/frameworks/base/+/4cff1f49ff95d990d6c2614da5d5a23d02145885" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "[android-security-updates] 20150909 Nexus Security Bulletin (September 2015)",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ"
},
{
"name": "https://android.googlesource.com/platform/frameworks/base/+/4cff1f49ff95d990d6c2614da5d5a23d02145885",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/base/+/4cff1f49ff95d990d6c2614da5d5a23d02145885"
},
{
"name": "https://android.googlesource.com/platform/frameworks/base/+/1e72dc7a3074cd0b44d89afbf39bbf5000ef7cc3",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/base/+/1e72dc7a3074cd0b44d89afbf39bbf5000ef7cc3"
}
]
}
} }

288
2015/4xxx/CVE-2015-4026.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4026", "ID": "CVE-2015-4026",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://php.net/ChangeLog-5.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://php.net/ChangeLog-5.php" "lang": "eng",
}, "value": "The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \\x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243."
{ }
"name" : "https://bugs.php.net/bug.php?id=68598", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.php.net/bug.php?id=68598" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/kb/HT205031", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-08-13-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "name": "RHSA-2015:1187",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1187.html"
"name" : "DSA-3280", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3280" "name": "RHSA-2015:1186",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1186.html"
"name" : "FEDORA-2015-8281", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html" "name": "RHSA-2015:1219",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1219.html"
"name" : "FEDORA-2015-8370", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "FEDORA-2015-8383", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html" "name": "https://bugs.php.net/bug.php?id=68598",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=68598"
"name" : "GLSA-201606-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-10" "name": "openSUSE-SU-2015:0993",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html"
"name" : "RHSA-2015:1187", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1187.html" "name": "http://php.net/ChangeLog-5.php",
}, "refsource": "CONFIRM",
{ "url": "http://php.net/ChangeLog-5.php"
"name" : "RHSA-2015:1135", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" "name": "DSA-3280",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3280"
"name" : "RHSA-2015:1186", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1186.html" "name": "APPLE-SA-2015-08-13-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name" : "RHSA-2015:1218", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" "name": "RHSA-2015:1135",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
"name" : "RHSA-2015:1219", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1219.html" "name": "1032431",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032431"
"name" : "openSUSE-SU-2015:0993", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00002.html" "name": "https://support.apple.com/kb/HT205031",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205031"
"name" : "75056", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75056" "name": "FEDORA-2015-8383",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158915.html"
"name" : "1032431", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032431" "name": "75056",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/75056"
} },
{
"name": "FEDORA-2015-8281",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158616.html"
},
{
"name": "FEDORA-2015-8370",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159031.html"
},
{
"name": "GLSA-201606-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-10"
},
{
"name": "RHSA-2015:1218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
}
]
}
} }

148
2015/7xxx/CVE-2015-7792.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-7792", "ID": "CVE-2015-7792",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://corega.jp/support/security/20151224_wlbargs.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://corega.jp/support/security/20151224_wlbargs.htm" "lang": "eng",
}, "value": "Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors."
{ }
"name" : "JVN#51349622", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN51349622/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2015-000201", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000201" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "79683", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/79683" ]
} },
] "references": {
} "reference_data": [
{
"name": "79683",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79683"
},
{
"name": "http://corega.jp/support/security/20151224_wlbargs.htm",
"refsource": "CONFIRM",
"url": "http://corega.jp/support/security/20151224_wlbargs.htm"
},
{
"name": "JVNDB-2015-000201",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000201"
},
{
"name": "JVN#51349622",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN51349622/index.html"
}
]
}
} }

478
2015/7xxx/CVE-2015-7990.json
View File

@ -1,242 +1,242 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7990", "ID": "CVE-2015-7990",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[linux-kernel] 20151016 [PATCH] RDS: fix race condition when sending a message on unbound socket.", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lkml.org/lkml/2015/10/16/530" "lang": "eng",
}, "value": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937."
{ }
"name" : "[oss-security] 20151027 Re: CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/10/27/5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1276437", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1276437" "name": "SUSE-SU-2015:2292",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=952384", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=952384" "name": "SUSE-SU-2016:0337",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
"name" : "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a" "name": "SUSE-SU-2015:2350",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1276437",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276437"
"name" : "DSA-3396", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3396" "name": "SUSE-SU-2016:0434",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
"name" : "SUSE-SU-2016:2074", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" "name": "USN-2887-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2887-2"
"name" : "SUSE-SU-2016:0335", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html" "name": "[linux-kernel] 20151016 [PATCH] RDS: fix race condition when sending a message on unbound socket.",
}, "refsource": "MLIST",
{ "url": "https://lkml.org/lkml/2015/10/16/530"
"name" : "SUSE-SU-2016:0337", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html" "name": "1034453",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034453"
"name" : "SUSE-SU-2016:0354", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html" "name": "USN-2886-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2886-1"
"name" : "SUSE-SU-2016:0380", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html" "name": "USN-2887-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2887-1"
"name" : "SUSE-SU-2016:0381", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html" "name": "https://bugzilla.suse.com/show_bug.cgi?id=952384",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.suse.com/show_bug.cgi?id=952384"
"name" : "SUSE-SU-2016:0383", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html" "name": "SUSE-SU-2015:2194",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
"name" : "SUSE-SU-2016:0384", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html" "name": "USN-2890-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2890-3"
"name" : "SUSE-SU-2016:0386", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html" "name": "openSUSE-SU-2015:2232",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html"
"name" : "SUSE-SU-2016:0387", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html" "name": "SUSE-SU-2016:0380",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
"name" : "SUSE-SU-2016:0434", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8c7188b23474cca017b3ef354c4a58456f68303a"
"name" : "SUSE-SU-2015:2108", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html" "name": "USN-2889-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2889-1"
"name" : "SUSE-SU-2015:2194", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html" "name": "SUSE-SU-2016:0354",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
"name" : "SUSE-SU-2015:2292", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html" "name": "SUSE-SU-2016:0335",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
"name" : "SUSE-SU-2015:2339", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" "name": "SUSE-SU-2015:2339",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
"name" : "SUSE-SU-2015:2350", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" "name": "SUSE-SU-2015:2108",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
"name" : "openSUSE-SU-2015:2232", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" "name": "USN-2889-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2889-2"
"name" : "USN-2886-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2886-1" "name": "[oss-security] 20151027 Re: CVE-2015-6937 - Linux kernel - NULL pointer dereference in net/rds/connection.c",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/10/27/5"
"name" : "USN-2887-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2887-1" "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3"
"name" : "USN-2887-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2887-2" "name": "SUSE-SU-2016:0383",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
"name" : "USN-2888-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2888-1" "name": "SUSE-SU-2016:0386",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
"name" : "USN-2889-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2889-1" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name" : "USN-2889-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2889-2" "name": "SUSE-SU-2016:2074",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
"name" : "USN-2890-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2890-1" "name": "USN-2890-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2890-2"
"name" : "USN-2890-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2890-2" "name": "77340",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77340"
"name" : "USN-2890-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2890-3" "name": "SUSE-SU-2016:0384",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
"name" : "77340", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77340" "name": "DSA-3396",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3396"
"name" : "1034453", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034453" "name": "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a",
} "refsource": "CONFIRM",
] "url": "https://github.com/torvalds/linux/commit/8c7188b23474cca017b3ef354c4a58456f68303a"
} },
{
"name": "USN-2890-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2890-1"
},
{
"name": "SUSE-SU-2016:0387",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
},
{
"name": "SUSE-SU-2016:0381",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
},
{
"name": "USN-2888-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2888-1"
}
]
}
} }

148
2015/8xxx/CVE-2015-8094.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8094", "ID": "CVE-2015-8094",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.harmfultrust.com/p/advisories.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.harmfultrust.com/p/advisories.html" "lang": "eng",
}, "value": "Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter."
{ }
"name" : "http://cloudera.github.io/hue/latest/release-notes/release-notes-3.10.0.html", ]
"refsource" : "CONFIRM", },
"url" : "http://cloudera.github.io/hue/latest/release-notes/release-notes-3.10.0.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/cloudera/hue/pull/346", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/cloudera/hue/pull/346" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.cloudera.org/browse/HUE-3626", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.cloudera.org/browse/HUE-3626" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://issues.cloudera.org/browse/HUE-3626",
"refsource": "CONFIRM",
"url": "https://issues.cloudera.org/browse/HUE-3626"
},
{
"name": "http://cloudera.github.io/hue/latest/release-notes/release-notes-3.10.0.html",
"refsource": "CONFIRM",
"url": "http://cloudera.github.io/hue/latest/release-notes/release-notes-3.10.0.html"
},
{
"name": "https://github.com/cloudera/hue/pull/346",
"refsource": "CONFIRM",
"url": "https://github.com/cloudera/hue/pull/346"
},
{
"name": "https://www.harmfultrust.com/p/advisories.html",
"refsource": "MISC",
"url": "https://www.harmfultrust.com/p/advisories.html"
}
]
}
} }

32
2015/8xxx/CVE-2015-8179.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8179", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8179",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

238
2015/8xxx/CVE-2015-8868.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8868", "ID": "CVE-2015-8868",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160411 CVE request: Poppler < 0.40.0", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/04/12/1" "lang": "eng",
}, "value": "Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document."
{ }
"name" : "https://bugs.freedesktop.org/show_bug.cgi?id=93476", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.freedesktop.org/show_bug.cgi?id=93476" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433", "description": [
"refsource" : "CONFIRM", {
"url" : "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://poppler.freedesktop.org/releases.html", ]
"refsource" : "CONFIRM", }
"url" : "https://poppler.freedesktop.org/releases.html" ]
}, },
{ "references": {
"name" : "DSA-3563", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3563" "name": "https://bugs.freedesktop.org/show_bug.cgi?id=93476",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.freedesktop.org/show_bug.cgi?id=93476"
"name" : "FEDORA-2016-3c4e438fc8", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html" "name": "openSUSE-SU-2016:1322",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html"
"name" : "FEDORA-2016-c848d48286", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html" "name": "DSA-3563",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3563"
"name" : "GLSA-201611-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201611-15" "name": "GLSA-201611-15",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201611-15"
"name" : "RHSA-2016:2580", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2580.html" "name": "RHSA-2016:2580",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2580.html"
"name" : "openSUSE-SU-2016:1630", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html" "name": "89324",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/89324"
"name" : "openSUSE-SU-2016:1322", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html" "name": "FEDORA-2016-c848d48286",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html"
"name" : "USN-2958-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2958-1" "name": "https://poppler.freedesktop.org/releases.html",
}, "refsource": "CONFIRM",
{ "url": "https://poppler.freedesktop.org/releases.html"
"name" : "89324", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/89324" "name": "[oss-security] 20160411 CVE request: Poppler < 0.40.0",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2016/04/12/1"
} },
{
"name": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433",
"refsource": "CONFIRM",
"url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433"
},
{
"name": "openSUSE-SU-2016:1630",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html"
},
{
"name": "USN-2958-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2958-1"
},
{
"name": "FEDORA-2016-3c4e438fc8",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html"
}
]
}
} }

138
2015/8xxx/CVE-2015-8892.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-8892", "ID": "CVE-2015-8892",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-07-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-07-01.html" "lang": "eng",
}, "value": "platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with trailing data, aka Android internal bug 28822807 and Qualcomm internal bug CR902998."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91628", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91628" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=fae606b9dd92c021e2419369975264f24f60db23"
},
{
"name": "91628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91628"
},
{
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
}
]
}
} }

140
2015/9xxx/CVE-2015-9009.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-06-05T00:00:00", "DATE_PUBLIC": "2017-06-05T00:00:00",
"ID" : "CVE-2015-9009", "ID": "CVE-2015-9009",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android kernel" "version_value": "Android kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-06-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-06-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393600."
{ }
"name" : "98874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038623", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038623" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-06-01"
},
{
"name": "98874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98874"
},
{
"name": "1038623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038623"
}
]
}
} }

138
2015/9xxx/CVE-2015-9030.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2015-9030", "ID": "CVE-2015-9030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm products", "product_name": "All Qualcomm products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Authentication Vulnerability in Hypervisor"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-06-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-06-01" "lang": "eng",
}, "value": "In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication."
{ }
"name" : "98874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038623", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038623" "lang": "eng",
} "value": "Improper Authentication Vulnerability in Hypervisor"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-06-01"
},
{
"name": "98874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98874"
},
{
"name": "1038623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038623"
}
]
}
} }

32
2016/0xxx/CVE-2016-0004.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-0004", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-0004",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

168
2016/0xxx/CVE-2016-0891.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-0891", "ID": "CVE-2016-0891",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160419 ESA-2016-039: EMC ViPR SRM Multiple Cross-Site Request Forgery Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2016/Apr/106" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators."
{ }
"name" : "20160427 EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/538207/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39738", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39738/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20160427 EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection", ]
"refsource" : "FULLDISC", }
"url" : "http://seclists.org/fulldisclosure/2016/Apr/89" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/136837/EMC-ViPR-SRM-Cross-Site-Request-Forgery.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/136837/EMC-ViPR-SRM-Cross-Site-Request-Forgery.html" "name": "20160427 EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/538207/100/0/threaded"
"name" : "https://www.securify.nl/advisory/SFY20141109/emc_m_r__watch4net__lacks_c%20ross_site_request_forgery_protection.html", },
"refsource" : "MISC", {
"url" : "https://www.securify.nl/advisory/SFY20141109/emc_m_r__watch4net__lacks_c%20ross_site_request_forgery_protection.html" "name": "39738",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/39738/"
} },
{
"name": "https://www.securify.nl/advisory/SFY20141109/emc_m_r__watch4net__lacks_c%20ross_site_request_forgery_protection.html",
"refsource": "MISC",
"url": "https://www.securify.nl/advisory/SFY20141109/emc_m_r__watch4net__lacks_c%20ross_site_request_forgery_protection.html"
},
{
"name": "http://packetstormsecurity.com/files/136837/EMC-ViPR-SRM-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136837/EMC-ViPR-SRM-Cross-Site-Request-Forgery.html"
},
{
"name": "20160427 EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/89"
},
{
"name": "20160419 ESA-2016-039: EMC ViPR SRM Multiple Cross-Site Request Forgery Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Apr/106"
}
]
}
} }

138
2016/1xxx/CVE-2016-1463.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1463", "ID": "CVE-2016-1463",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160727 Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight" "lang": "eng",
}, "value": "Cisco FireSIGHT System Software 5.3.0, 5.3.1, 5.4.0, 6.0, and 6.0.1 allows remote attackers to bypass Snort rules via crafted parameters in the header of an HTTP packet, aka Bug ID CSCuz20737."
{ }
"name" : "92152", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92152" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036471", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036471" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1036471",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036471"
},
{
"name": "92152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92152"
},
{
"name": "20160727 Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight"
}
]
}
} }

32
2016/1xxx/CVE-2016-1507.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1507", "ID": "CVE-2016-1507",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

168
2016/1xxx/CVE-2016-1542.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-1542", "ID": "CVE-2016-1542",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160328 BMC-2015-0010: User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent (CVE-2016-1542)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537909/100/0/threaded" "lang": "eng",
}, "value": "The RPC API in RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6.x, and 8.7.x on Linux and UNIX allows remote attackers to bypass authorization and enumerate users by sending an action packet to xmlrpc after an authorization failure."
{ }
"name" : "43902", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/43902/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "43939", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43939/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/136461/BMC-Server-Automation-BSA-RSCD-Agent-User-Enumeration.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/136461/BMC-Server-Automation-BSA-RSCD-Agent-User-Enumeration.html" ]
}, },
{ "references": {
"name" : "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/", "reference_data": [
"refsource" : "MISC", {
"url" : "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/" "name": "http://packetstormsecurity.com/files/136461/BMC-Server-Automation-BSA-RSCD-Agent-User-Enumeration.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/136461/BMC-Server-Automation-BSA-RSCD-Agent-User-Enumeration.html"
"name" : "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution", },
"refsource" : "CONFIRM", {
"url" : "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution" "name": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/",
} "refsource": "MISC",
] "url": "https://www.insinuator.net/2016/03/bmc-bladelogic-cve-2016-1542-and-cve-2016-1543/"
} },
{
"name": "20160328 BMC-2015-0010: User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent (CVE-2016-1542)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537909/100/0/threaded"
},
{
"name": "43902",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43902/"
},
{
"name": "43939",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43939/"
},
{
"name": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution",
"refsource": "CONFIRM",
"url": "https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=kA214000000dBpnCAE&type=Solution"
}
]
}
} }

138
2016/1xxx/CVE-2016-1716.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1716", "ID": "CVE-2016-1716",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205731", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205731" "lang": "eng",
}, "value": "AppleGraphicsPowerManagement in Apple OS X before 10.11.3 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors."
{ }
"name" : "APPLE-SA-2016-01-19-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034736", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034736" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT205731",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205731"
},
{
"name": "1034736",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034736"
},
{
"name": "APPLE-SA-2016-01-19-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html"
}
]
}
} }

32
2016/1xxx/CVE-2016-1934.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1934", "ID": "CVE-2016-1934",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2016/5xxx/CVE-2016-5030.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5030", "ID": "CVE-2016-5030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The _dwarf_calculate_info_section_end_ptr function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/24/1" "lang": "eng",
}, "value": "The _dwarf_calculate_info_section_end_ptr function in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file."
{ }
"name" : "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/05/25/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.prevanders.net/dwarfbug.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.prevanders.net/dwarfbug.html" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.prevanders.net/dwarfbug.html",
"refsource": "CONFIRM",
"url": "https://www.prevanders.net/dwarfbug.html"
},
{
"name": "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/24/1"
},
{
"name": "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/25/1"
}
]
}
} }

118
2016/5xxx/CVE-2016-5069.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-5069", "ID": "CVE-2016-5069",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2", "product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2" "version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "guessable session tokens"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://carvesystems.com/sierra-wireless-2016-advisory.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://carvesystems.com/sierra-wireless-2016-advisory.html" "lang": "eng",
} "value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 use guessable session tokens, which are in the URL."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "guessable session tokens"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
} }

178
2016/5xxx/CVE-2016-5351.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5351", "ID": "CVE-2016-5351",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160609 Re: CVE Request: wireshark releases", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/09/3" "lang": "eng",
}, "value": "epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.wireshark.org/security/wnpa-sec-2016-30.html", ]
"refsource" : "CONFIRM", }
"url" : "https://www.wireshark.org/security/wnpa-sec-2016-30.html" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11585"
"name" : "DSA-3615", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3615" "name": "[oss-security] 20160609 Re: CVE Request: wireshark releases",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/06/09/3"
"name" : "91140", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91140" "name": "https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4",
} "refsource": "CONFIRM",
] "url": "https://github.com/wireshark/wireshark/commit/9b0b20b8d5f8c9f7839d58ff6c5900f7e19283b4"
} },
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "https://www.wireshark.org/security/wnpa-sec-2016-30.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2016-30.html"
},
{
"name": "DSA-3615",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3615"
},
{
"name": "91140",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91140"
}
]
}
} }

138
2016/5xxx/CVE-2016-5434.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5434", "ID": "CVE-2016-5434",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160611 CVE Request for Denial of Service in pacman 5.0.1", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/11/4" "lang": "eng",
}, "value": "libalpm, as used in pacman 5.0.1, allows remote attackers to cause a denial of service (infinite loop or out-of-bounds read) via a crafted signature file."
{ }
"name" : "[oss-security] 20160614 Re: CVE Request for Denial of Service in pacman 5.0.1", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/14/6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[pacman-dev] 20160606 [PATCH] Fix OOB read and endless loop in signature parser.", "description": [
"refsource" : "MLIST", {
"url" : "https://lists.archlinux.org/pipermail/pacman-dev/2016-June/021148.html" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "[pacman-dev] 20160606 [PATCH] Fix OOB read and endless loop in signature parser.",
"refsource": "MLIST",
"url": "https://lists.archlinux.org/pipermail/pacman-dev/2016-June/021148.html"
},
{
"name": "[oss-security] 20160611 CVE Request for Denial of Service in pacman 5.0.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/11/4"
},
{
"name": "[oss-security] 20160614 Re: CVE Request for Denial of Service in pacman 5.0.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/14/6"
}
]
}
} }

128
2016/5xxx/CVE-2016-5729.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5729", "ID": "CVE-2016-5729",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Lenovo BIOS EFI Driver allows local administrators to execute arbitrary code with System Management Mode (SMM) privileges via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.lenovo.com/us/en/product_security/len_4901", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.lenovo.com/us/en/product_security/len_4901" "lang": "eng",
}, "value": "Lenovo BIOS EFI Driver allows local administrators to execute arbitrary code with System Management Mode (SMM) privileges via unspecified vectors."
{ }
"name" : "91536", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91536" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.lenovo.com/us/en/product_security/len_4901",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/len_4901"
},
{
"name": "91536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91536"
}
]
}
} }

32
2016/5xxx/CVE-2016-5915.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5915", "ID": "CVE-2016-5915",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

190
2018/2xxx/CVE-2018-2026.json
View File

@ -1,98 +1,98 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-01-21T00:00:00", "DATE_PUBLIC": "2019-01-21T00:00:00",
"ID" : "CVE-2018-2026", "ID": "CVE-2018-2026",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Financial Transaction Manager", "product_name": "Financial Transaction Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.2.1" "version_value": "3.2.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10795536", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10795536" "lang": "eng",
}, "value": "IBM Financial Transaction Manager 3.2.1 for Digital Payments could allow an authenticated user to obtain a directory listing of internal product files. IBM X-Force ID: 155552."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=ibm10795544", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=ibm10795544" "impact": {
}, "cvssv3": {
{ "BM": {
"name" : "106733", "A": "N",
"refsource" : "BID", "AC": "L",
"url" : "http://www.securityfocus.com/bid/106733" "AV": "N",
}, "C": "L",
{ "I": "N",
"name" : "ibm-ftm-cve20182026-info-disc(155552)", "PR": "L",
"refsource" : "XF", "S": "U",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155552" "SCORE": "4.300",
} "UI": "N"
] },
} "TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106733",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106733"
},
{
"name": "ibm-ftm-cve20182026-info-disc(155552)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155552"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10795536",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10795536"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10795544",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10795544"
}
]
}
} }

140
2018/2xxx/CVE-2018-2855.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2855", "ID": "CVE-2018-2855",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Financial Services Basel Regulatory Capital Basic", "product_name": "Financial Services Basel Regulatory Capital Basic",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.x" "version_value": "8.0.x"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Financial Services Basel Regulatory Capital Basic component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Basic. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Basic accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Basic accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Basic. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Basic accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Basic accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Financial Services Basel Regulatory Capital Basic component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Basic. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Basic accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Basic accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."
{ }
"name" : "103795", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103795" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040693", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040693" "lang": "eng",
} "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Basic. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Basic accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Basic accessible data."
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "103795",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103795"
},
{
"name": "1040693",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040693"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
}
]
}
} }

140
2018/2xxx/CVE-2018-2946.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2946", "ID": "CVE-2018-2946",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "JD Edwards EnterpriseOne Tools", "product_name": "JD Edwards EnterpriseOne Tools",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "9.2" "version_value": "9.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
{ }
"name" : "104789", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104789" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1041305", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041305" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data."
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "104789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104789"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "1041305",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041305"
}
]
}
} }

32
2019/0xxx/CVE-2019-0043.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0043", "ID": "CVE-2019-0043",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/0xxx/CVE-2019-0339.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0339", "ID": "CVE-2019-0339",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/0xxx/CVE-2019-0404.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0404", "ID": "CVE-2019-0404",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/0xxx/CVE-2019-0907.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0907", "ID": "CVE-2019-0907",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1075.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1075", "ID": "CVE-2019-1075",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1458.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1458", "ID": "CVE-2019-1458",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1525.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1525", "ID": "CVE-2019-1525",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1738.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1738", "ID": "CVE-2019-1738",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4168.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4168", "ID": "CVE-2019-4168",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4384.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4384", "ID": "CVE-2019-4384",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4436.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4436", "ID": "CVE-2019-4436",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4438.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4438", "ID": "CVE-2019-4438",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5095.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5095", "ID": "CVE-2019-5095",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5485.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5485", "ID": "CVE-2019-5485",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5619.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5619", "ID": "CVE-2019-5619",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5994.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5994", "ID": "CVE-2019-5994",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/9xxx/CVE-2019-9129.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9129", "ID": "CVE-2019-9129",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/9xxx/CVE-2019-9265.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9265", "ID": "CVE-2019-9265",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }