admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:08:23 +00:00
parent 79b8eb28db
commit 21f1bc56f6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3243 additions and 3243 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
2007/0xxx/CVE-2007-0133.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0133",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "ADV-2007-0056",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0056"
},
{
"name" : "33386",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33386"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in display_review.php in iGeneric iG Shop 1.4 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) user_login_cookie parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33386",
"refsource": "OSVDB",
"url": "http://osvdb.org/33386"
},
{
"name": "ADV-2007-0056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0056"
}
]
}
}

190
2007/0xxx/CVE-2007-0139.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0139",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain \"unintended privileged access to data and system resources\" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt"
},
{
"name" : "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt",
"refsource" : "CONFIRM",
"url" : "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt"
},
{
"name" : "ADV-2007-0063",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0063"
},
{
"name" : "32583",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32583"
},
{
"name" : "32584",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32584"
},
{
"name" : "32585",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32585"
},
{
"name" : "32586",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32586"
},
{
"name" : "23636",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23636"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain \"unintended privileged access to data and system resources\" via unspecified vectors, related to (1) [SYSEXE]CTF$UI.EXE, (2) [SYSMSG]CTF$MESSAGES.EXE, (3) [SYSHLP]CTF$HELP.HLB, and (4) [SYSMGR]CTF$STARTUP.COM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32583",
"refsource": "OSVDB",
"url": "http://osvdb.org/32583"
},
{
"name": "32586",
"refsource": "OSVDB",
"url": "http://osvdb.org/32586"
},
{
"name": "32584",
"refsource": "OSVDB",
"url": "http://osvdb.org/32584"
},
{
"name": "32585",
"refsource": "OSVDB",
"url": "http://osvdb.org/32585"
},
{
"name": "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.itrc.hp.com/openvms_patches/vax/V7.3/VAX_DNVOSIMUP01-V0703.txt"
},
{
"name": "ADV-2007-0063",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0063"
},
{
"name": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIMUP01-V0703-2.txt"
},
{
"name": "23636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23636"
}
]
}
}

170
2007/0xxx/CVE-2007-0266.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0266",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the iid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070111 Ezboxx multiple vulnerabilities.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/456699/100/0/threaded"
},
{
"name" : "http://www.bugsec.com/articles.php?Security=20",
"refsource" : "MISC",
"url" : "http://www.bugsec.com/articles.php?Security=20"
},
{
"name" : "ADV-2007-0208",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0208"
},
{
"name" : "32825",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32825"
},
{
"name" : "33466",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33466"
},
{
"name" : "23759",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23759"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in boxx/ShowAppendix.asp in Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the iid parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23759",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23759"
},
{
"name": "ADV-2007-0208",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0208"
},
{
"name": "32825",
"refsource": "OSVDB",
"url": "http://osvdb.org/32825"
},
{
"name": "http://www.bugsec.com/articles.php?Security=20",
"refsource": "MISC",
"url": "http://www.bugsec.com/articles.php?Security=20"
},
{
"name": "20070111 Ezboxx multiple vulnerabilities.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456699/100/0/threaded"
},
{
"name": "33466",
"refsource": "OSVDB",
"url": "http://osvdb.org/33466"
}
]
}
}

34
2007/0xxx/CVE-2007-0438.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0438",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0438",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

620
2007/0xxx/CVE-2007-0493.json
View File

@ -1,312 +1,312 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0493",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to \"dereference a freed fetch context.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-0493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/458066/100/0/threaded"
},
{
"name" : "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052018.html"
},
{
"name" : "[bind-announce] 20070125 Internet Systems Consortium Security Advisory.",
"refsource" : "MLIST",
"url" : "http://marc.info/?l=bind-announce&m=116968519321296&w=2"
},
{
"name" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php",
"refsource" : "CONFIRM",
"url" : "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"name" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8",
"refsource" : "CONFIRM",
"url" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8"
},
{
"name" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4",
"refsource" : "CONFIRM",
"url" : "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4"
},
{
"name" : "https://issues.rpath.com/browse/RPL-989",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-989"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=305530",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305530"
},
{
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488",
"refsource" : "CONFIRM",
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
},
{
"name" : "APPLE-SA-2007-05-24",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
},
{
"name" : "FEDORA-2007-147",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2507"
},
{
"name" : "FEDORA-2007-164",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2537"
},
{
"name" : "FreeBSD-SA-07:02",
"refsource" : "FREEBSD",
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc"
},
{
"name" : "GLSA-200702-06",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200702-06.xml"
},
{
"name" : "HPSBTU02207",
"refsource" : "HP",
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name" : "SSRT061213",
"refsource" : "HP",
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name" : "SSRT061239",
"refsource" : "HP",
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name" : "SSRT071304",
"refsource" : "HP",
"url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name" : "HPSBUX02219",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495"
},
{
"name" : "SSRT061273",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495"
},
{
"name" : "MDKSA-2007:030",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:030"
},
{
"name" : "NetBSD-SA2007-003",
"refsource" : "NETBSD",
"url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc"
},
{
"name" : "OpenPKG-SA-2007.007",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html"
},
{
"name" : "RHSA-2007:0057",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0057.html"
},
{
"name" : "SSA:2007-026-01",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157"
},
{
"name" : "SUSE-SA:2007:014",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html"
},
{
"name" : "2007-0005",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2007/0005"
},
{
"name" : "USN-418-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-418-1"
},
{
"name" : "22229",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22229"
},
{
"name" : "oval:org.mitre.oval:def:9614",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9614"
},
{
"name" : "ADV-2007-0349",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0349"
},
{
"name" : "ADV-2007-1401",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1401"
},
{
"name" : "ADV-2007-1939",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1939"
},
{
"name" : "ADV-2007-2163",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2163"
},
{
"name" : "ADV-2007-2315",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2315"
},
{
"name" : "1017561",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017561"
},
{
"name" : "23904",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23904"
},
{
"name" : "23972",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23972"
},
{
"name" : "23924",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23924"
},
{
"name" : "23943",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23943"
},
{
"name" : "23974",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23974"
},
{
"name" : "23977",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23977"
},
{
"name" : "24054",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24054"
},
{
"name" : "24014",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24014"
},
{
"name" : "24048",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24048"
},
{
"name" : "24129",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24129"
},
{
"name" : "24203",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24203"
},
{
"name" : "24950",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24950"
},
{
"name" : "24930",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24930"
},
{
"name" : "25402",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25402"
},
{
"name" : "25649",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25649"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to \"dereference a freed fetch context.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SSRT061273",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305530",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305530"
},
{
"name": "GLSA-200702-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200702-06.xml"
},
{
"name": "24129",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24129"
},
{
"name": "24048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24048"
},
{
"name": "ADV-2007-1939",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1939"
},
{
"name": "FreeBSD-SA-07:02",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-07:02.bind.asc"
},
{
"name": "SSRT071304",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name": "OpenPKG-SA-2007.007",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.007.html"
},
{
"name": "NetBSD-SA2007-003",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2007-003.txt.asc"
},
{
"name": "23943",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23943"
},
{
"name": "MDKSA-2007:030",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:030"
},
{
"name": "RHSA-2007:0057",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0057.html"
},
{
"name": "2007-0005",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2007/0005"
},
{
"name": "APPLE-SA-2007-05-24",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
},
{
"name": "25402",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25402"
},
{
"name": "25649",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25649"
},
{
"name": "24930",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24930"
},
{
"name": "ADV-2007-2163",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2163"
},
{
"name": "SSRT061213",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name": "FEDORA-2007-164",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2537"
},
{
"name": "23977",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23977"
},
{
"name": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8",
"refsource": "CONFIRM",
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.2.8"
},
{
"name": "SSRT061239",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name": "http://www.isc.org/index.pl?/sw/bind/bind-security.php",
"refsource": "CONFIRM",
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"name": "HPSBUX02219",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01070495"
},
{
"name": "USN-418-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-418-1"
},
{
"name": "24203",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24203"
},
{
"name": "24014",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24014"
},
{
"name": "24054",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24054"
},
{
"name": "23974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23974"
},
{
"name": "ADV-2007-2315",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2315"
},
{
"name": "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458066/100/0/threaded"
},
{
"name": "SUSE-SA:2007:014",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0016.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-989",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-989"
},
{
"name": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4",
"refsource": "CONFIRM",
"url": "http://www.isc.org/index.pl?/sw/bind/view/?release=9.3.4"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952488"
},
{
"name": "[bind-announce] 20070125 Internet Systems Consortium Security Advisory.",
"refsource": "MLIST",
"url": "http://marc.info/?l=bind-announce&m=116968519321296&w=2"
},
{
"name": "ADV-2007-1401",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1401"
},
{
"name": "FEDORA-2007-147",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2507"
},
{
"name": "23904",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23904"
},
{
"name": "HPSBTU02207",
"refsource": "HP",
"url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144"
},
{
"name": "22229",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22229"
},
{
"name": "ADV-2007-0349",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0349"
},
{
"name": "20070125 BIND remote exploit (low severity) [Fwd: Internet Systems Consortium Security Advisory.]",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052018.html"
},
{
"name": "1017561",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017561"
},
{
"name": "23924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23924"
},
{
"name": "oval:org.mitre.oval:def:9614",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9614"
},
{
"name": "SSA:2007-026-01",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.494157"
},
{
"name": "24950",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24950"
},
{
"name": "23972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23972"
}
]
}
}

170
2007/1xxx/CVE-2007-1413.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1413",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3439",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3439"
},
{
"name" : "4204",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4204"
},
{
"name" : "http://retrogod.altervista.org/php_446_snmpget_local_bof.html",
"refsource" : "MISC",
"url" : "http://retrogod.altervista.org/php_446_snmpget_local_bof.html"
},
{
"name" : "22893",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22893"
},
{
"name" : "24440",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24440"
},
{
"name" : "php-snmpget-function-bo(35517)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35517"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the snmpget function in the snmp extension in PHP 5.2.3 and earlier, including PHP 4.4.6 and probably other PHP 4 versions, allows context-dependent attackers to execute arbitrary code via a long value in the third argument (object id)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "php-snmpget-function-bo(35517)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35517"
},
{
"name": "4204",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4204"
},
{
"name": "3439",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3439"
},
{
"name": "http://retrogod.altervista.org/php_446_snmpget_local_bof.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/php_446_snmpget_local_bof.html"
},
{
"name": "24440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24440"
},
{
"name": "22893",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22893"
}
]
}
}

170
2007/1xxx/CVE-2007-1500.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1500",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1500",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=159542",
"refsource" : "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=159542"
},
{
"name" : "GLSA-200703-20",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200703-20.xml"
},
{
"name" : "23014",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23014"
},
{
"name" : "34267",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34267"
},
{
"name" : "24526",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24526"
},
{
"name" : "gentoo-lsat-symlink(33057)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33057"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24526",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24526"
},
{
"name": "23014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23014"
},
{
"name": "gentoo-lsat-symlink(33057)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33057"
},
{
"name": "34267",
"refsource": "OSVDB",
"url": "http://osvdb.org/34267"
},
{
"name": "GLSA-200703-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-20.xml"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=159542",
"refsource": "MISC",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=159542"
}
]
}
}

160
2007/1xxx/CVE-2007-1789.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1789",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.flyspray.org/changelog",
"refsource" : "CONFIRM",
"url" : "http://www.flyspray.org/changelog"
},
{
"name" : "23214",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23214"
},
{
"name" : "ADV-2007-1181",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1181"
},
{
"name" : "34591",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34591"
},
{
"name" : "24702",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24702"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Flyspray 0.9.9 allows remote attackers to obtain sensitive information (private project summaries) via direct requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23214"
},
{
"name": "34591",
"refsource": "OSVDB",
"url": "http://osvdb.org/34591"
},
{
"name": "24702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24702"
},
{
"name": "http://www.flyspray.org/changelog",
"refsource": "CONFIRM",
"url": "http://www.flyspray.org/changelog"
},
{
"name": "ADV-2007-1181",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1181"
}
]
}
}

34
2007/3xxx/CVE-2007-3904.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3904",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2007-3904",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
}
]
}
}

190
2007/4xxx/CVE-2007-4455.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4455",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070821 AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2007/Aug/0393.html"
},
{
"name" : "http://downloads.digium.com/pub/asa/AST-2007-020.html",
"refsource" : "CONFIRM",
"url" : "http://downloads.digium.com/pub/asa/AST-2007-020.html"
},
{
"name" : "25392",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25392"
},
{
"name" : "ADV-2007-2953",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2953"
},
{
"name" : "1018595",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018595"
},
{
"name" : "26553",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26553"
},
{
"name" : "3047",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3047"
},
{
"name" : "asterisk-sip-dialoghistory-dos(36145)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36145"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SIP channel driver (chan_sip) in Asterisk Open Source 1.4.x before 1.4.11, AsteriskNOW before beta7, Asterisk Appliance Developer Kit 0.x before 0.8.0, and s800i (Asterisk Appliance) 1.x before 1.0.3 allows remote attackers to cause a denial of service (memory exhaustion) via a SIP dialog that causes a large number of history entries to be created."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3047",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3047"
},
{
"name": "ADV-2007-2953",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2953"
},
{
"name": "http://downloads.digium.com/pub/asa/AST-2007-020.html",
"refsource": "CONFIRM",
"url": "http://downloads.digium.com/pub/asa/AST-2007-020.html"
},
{
"name": "25392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25392"
},
{
"name": "20070821 AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2007/Aug/0393.html"
},
{
"name": "asterisk-sip-dialoghistory-dos(36145)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36145"
},
{
"name": "26553",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26553"
},
{
"name": "1018595",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018595"
}
]
}
}

210
2007/4xxx/CVE-2007-4665.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4665",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4665",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=535898",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=535898"
},
{
"name" : "http://tracker.firebirdsql.org/browse/CORE-1403",
"refsource" : "CONFIRM",
"url" : "http://tracker.firebirdsql.org/browse/CORE-1403"
},
{
"name" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202",
"refsource" : "CONFIRM",
"url" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202"
},
{
"name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf"
},
{
"name" : "DSA-1529",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1529"
},
{
"name" : "25497",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25497"
},
{
"name" : "ADV-2007-3021",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3021"
},
{
"name" : "26615",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26615"
},
{
"name" : "29501",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29501"
},
{
"name" : "firebird-xnet-dos(36353)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36353"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25497",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25497"
},
{
"name": "http://tracker.firebirdsql.org/browse/CORE-1403",
"refsource": "CONFIRM",
"url": "http://tracker.firebirdsql.org/browse/CORE-1403"
},
{
"name": "ADV-2007-3021",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3021"
},
{
"name": "26615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26615"
},
{
"name": "firebird-xnet-dos(36353)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36353"
},
{
"name": "http://www.firebirdsql.org/index.php?op=files&id=engine_202",
"refsource": "CONFIRM",
"url": "http://www.firebirdsql.org/index.php?op=files&id=engine_202"
},
{
"name": "29501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29501"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=535898",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=535898"
},
{
"name": "DSA-1529",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1529"
},
{
"name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf",
"refsource": "CONFIRM",
"url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf"
}
]
}
}

34
2014/5xxx/CVE-2014-5151.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5151",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5151",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2014/5xxx/CVE-2014-5789.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5789",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Ninja Chicken Ooga Booga (aka mominis.Generic_Android.Ninja_Chicken_Ooga_Booga) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#890321",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/890321"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Ninja Chicken Ooga Booga (aka mominis.Generic_Android.Ninja_Chicken_Ooga_Booga) application 1.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#890321",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/890321"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

150
2015/2xxx/CVE-2015-2349.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2349",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150310 SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Security Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/55"
},
{
"name" : "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html"
},
{
"name" : "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/",
"refsource" : "MISC",
"url" : "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/"
},
{
"name" : "73063",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73063"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in defaultnewsletter.php in SuperWebMailer 5.60.0.01190 and earlier allows remote attackers to inject arbitrary web script or HTML via the HTMLForm parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150310 SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Security Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Mar/55"
},
{
"name": "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130751/SuperWebMailer-5.50.0.01160-Cross-Site-Scripting.html"
},
{
"name": "73063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73063"
},
{
"name": "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/",
"refsource": "MISC",
"url": "http://tetraph.com/security/xss-vulnerability/superwebmailer-5-50-0-01160-xss-cross-site-scripting-security-vulnerabilities/"
}
]
}
}

130
2015/2xxx/CVE-2015-2391.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2391",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
},
{
"name" : "1032894",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032894"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032894",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032894"
},
{
"name": "MS15-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
}
]
}
}

160
2015/2xxx/CVE-2015-2704.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2704",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugs.freedesktop.org/show_bug.cgi?id=89207",
"refsource" : "CONFIRM",
"url" : "https://bugs.freedesktop.org/show_bug.cgi?id=89207"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name" : "FEDORA-2015-6387",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157358.html"
},
{
"name" : "FEDORA-2015-6124",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155862.html"
},
{
"name" : "73352",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73352"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2015-6124",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155862.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "FEDORA-2015-6387",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157358.html"
},
{
"name": "73352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73352"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=89207",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=89207"
}
]
}
}

140
2015/6xxx/CVE-2015-6721.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6721",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-6721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-502",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-502"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name" : "1033796",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033796"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6714, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name": "1033796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033796"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-502",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-502"
}
]
}
}

210
2015/7xxx/CVE-2015-7083.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7083",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-7083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT205635",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205635"
},
{
"name" : "https://support.apple.com/HT205637",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205637"
},
{
"name" : "https://support.apple.com/HT205640",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205640"
},
{
"name" : "https://support.apple.com/HT205641",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205641"
},
{
"name" : "APPLE-SA-2015-12-08-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"name" : "APPLE-SA-2015-12-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
},
{
"name" : "APPLE-SA-2015-12-08-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name" : "APPLE-SA-2015-12-08-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"name" : "78719",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78719"
},
{
"name" : "1034344",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034344"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT205635",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205635"
},
{
"name": "https://support.apple.com/HT205637",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205637"
},
{
"name": "1034344",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034344"
},
{
"name": "APPLE-SA-2015-12-08-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"name": "APPLE-SA-2015-12-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name": "78719",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78719"
},
{
"name": "APPLE-SA-2015-12-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"name": "https://support.apple.com/HT205641",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205641"
},
{
"name": "https://support.apple.com/HT205640",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205640"
},
{
"name": "APPLE-SA-2015-12-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
}
]
}
}

140
2015/7xxx/CVE-2015-7539.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7539",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-7539",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09",
"refsource" : "CONFIRM",
"url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09"
},
{
"name" : "RHSA-2016:0070",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"name" : "RHSA-2016:0489",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0489.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09"
},
{
"name": "RHSA-2016:0489",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0489.html"
},
{
"name": "RHSA-2016:0070",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0070"
}
]
}
}

150
2015/7xxx/CVE-2015-7640.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7640",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7637, CVE-2015-7638, CVE-2015-7639, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, and CVE-2015-7644."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-7640",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html"
},
{
"name" : "RHSA-2015:2024",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
},
{
"name" : "RHSA-2015:1893",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1893.html"
},
{
"name" : "77061",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77061"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, CVE-2015-7635, CVE-2015-7636, CVE-2015-7637, CVE-2015-7638, CVE-2015-7639, CVE-2015-7641, CVE-2015-7642, CVE-2015-7643, and CVE-2015-7644."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:2024",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
},
{
"name": "77061",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77061"
},
{
"name": "RHSA-2015:1893",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1893.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html"
}
]
}
}

200
2015/7xxx/CVE-2015-7756.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7756",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 makes it easier for remote attackers to discover the plaintext content of VPN sessions by sniffing the network for ciphertext data and conducting an unspecified decryption attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/",
"refsource" : "MISC",
"url" : "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/"
},
{
"name" : "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/",
"refsource" : "MISC",
"url" : "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/"
},
{
"name" : "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/",
"refsource" : "MISC",
"url" : "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/"
},
{
"name" : "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/",
"refsource" : "MISC",
"url" : "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/"
},
{
"name" : "https://github.com/hdm/juniper-cve-2015-7755",
"refsource" : "MISC",
"url" : "https://github.com/hdm/juniper-cve-2015-7755"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713"
},
{
"name" : "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554",
"refsource" : "CONFIRM",
"url" : "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554"
},
{
"name" : "VU#640184",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/640184"
},
{
"name" : "1034489",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034489"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 makes it easier for remote attackers to discover the plaintext content of VPN sessions by sniffing the network for ciphertext data and conducting an unspecified decryption attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/",
"refsource": "MISC",
"url": "http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/"
},
{
"name": "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/",
"refsource": "MISC",
"url": "http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/"
},
{
"name": "1034489",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034489"
},
{
"name": "VU#640184",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/640184"
},
{
"name": "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554",
"refsource": "CONFIRM",
"url": "https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554"
},
{
"name": "https://github.com/hdm/juniper-cve-2015-7755",
"refsource": "MISC",
"url": "https://github.com/hdm/juniper-cve-2015-7755"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713"
},
{
"name": "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/",
"refsource": "MISC",
"url": "https://adamcaudill.com/2015/12/17/much-ado-about-juniper/"
},
{
"name": "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/",
"refsource": "MISC",
"url": "http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/"
}
]
}
}

130
2015/7xxx/CVE-2015-7825.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7825",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://botan.randombit.net/security.html#id3",
"refsource" : "CONFIRM",
"url" : "https://botan.randombit.net/security.html#id3"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1311618",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1311618"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311618"
},
{
"name": "https://botan.randombit.net/security.html#id3",
"refsource": "CONFIRM",
"url": "https://botan.randombit.net/security.html#id3"
}
]
}
}

140
2016/0xxx/CVE-2016-0101.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0101",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka \"Windows Media Parsing Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-027",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-027"
},
{
"name" : "84111",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84111"
},
{
"name" : "1035200",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035200"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka \"Windows Media Parsing Remote Code Execution Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035200",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035200"
},
{
"name": "84111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84111"
},
{
"name": "MS16-027",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-027"
}
]
}
}

190
2016/0xxx/CVE-2016-0203.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0203",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Cloud Orchestrator",
"version" : {
"version_data" : [
{
"version_value" : "2.2"
},
{
"version_value" : "2.2.0.1"
},
{
"version_value" : "2.3"
},
{
"version_value" : "2.4"
},
{
"version_value" : "2.3.0.1"
},
{
"version_value" : "2.4.0.1"
},
{
"version_value" : "2.4.0.2"
},
{
"version_value" : "2.5"
},
{
"version_value" : "2.5.0.1"
},
{
"version_value" : "2.4.0.3"
},
{
"version_value" : "2.5.0.2"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cloud Orchestrator",
"version": {
"version_data": [
{
"version_value": "2.2"
},
{
"version_value": "2.2.0.1"
},
{
"version_value": "2.3"
},
{
"version_value": "2.4"
},
{
"version_value": "2.3.0.1"
},
{
"version_value": "2.4.0.1"
},
{
"version_value": "2.4.0.2"
},
{
"version_value": "2.5"
},
{
"version_value": "2.5.0.1"
},
{
"version_value": "2.4.0.3"
},
{
"version_value": "2.5.0.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg2C1000140",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
},
{
"name" : "94440",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94440"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94440"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
}
]
}
}

130
2016/0xxx/CVE-2016-0330.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0330",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0330",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985736",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"name" : "1036255",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036255"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorithm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
},
{
"name": "1036255",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036255"
}
]
}
}

140
2016/0xxx/CVE-2016-0380.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0380",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0380",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988278",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21988278"
},
{
"name" : "IT14769",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT14769"
},
{
"name" : "92336",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92336"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92336"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21988278",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21988278"
},
{
"name": "IT14769",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT14769"
}
]
}
}

130
2016/0xxx/CVE-2016-0837.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0837",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted media file, aka internal bug 27208621."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-0837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://source.android.com/security/bulletin/2016-04-02.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-04-02.html"
},
{
"name" : "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf",
"refsource" : "CONFIRM",
"url" : "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted media file, aka internal bug 27208621."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/av/+/7a282fb64fef25349e9d341f102d9cea3bf75baf"
},
{
"name": "http://source.android.com/security/bulletin/2016-04-02.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-04-02.html"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000178.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000178",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000178",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

132
2016/10xxx/CVE-2016-10544.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2016-10544",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "uws node module",
"version" : {
"version_data" : [
{
"version_value" : ">=0.10.0 <=0.10.8"
}
]
}
}
]
},
"vendor_name" : "HackerOne"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service (CWE-400)"
}
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2016-10544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "uws node module",
"version": {
"version_data": [
{
"version_value": ">=0.10.0 <=0.10.8"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9",
"refsource" : "MISC",
"url" : "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9"
},
{
"name" : "https://nodesecurity.io/advisories/149",
"refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/149"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "uws is a WebSocket server library. By sending a 256mb websocket message to a uws server instance with permessage-deflate enabled, there is a possibility used compression will shrink said 256mb down to less than 16mb of websocket payload which passes the length check of 16mb payload. This data will then inflate up to 256mb and crash the node process by exceeding V8's maximum string size. This affects uws >=0.10.0 <=0.10.8."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9",
"refsource": "MISC",
"url": "https://github.com/uWebSockets/uWebSockets/commit/37deefd01f0875e133ea967122e3a5e421b8fcd9"
},
{
"name": "https://nodesecurity.io/advisories/149",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/149"
}
]
}
}

34
2016/1xxx/CVE-2016-1164.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1164",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-1164",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

140
2016/1xxx/CVE-2016-1175.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1175",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-1175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.sharp.co.jp/support/photoplayer/fw_update.html",
"refsource" : "CONFIRM",
"url" : "http://www.sharp.co.jp/support/photoplayer/fw_update.html"
},
{
"name" : "JVN#47164236",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN47164236/index.html"
},
{
"name" : "JVNDB-2016-000039",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000039"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#47164236",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN47164236/index.html"
},
{
"name": "JVNDB-2016-000039",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000039"
},
{
"name": "http://www.sharp.co.jp/support/photoplayer/fw_update.html",
"refsource": "CONFIRM",
"url": "http://www.sharp.co.jp/support/photoplayer/fw_update.html"
}
]
}
}

130
2016/1xxx/CVE-2016-1990.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1990",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452"
},
{
"name" : "1035282",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035282"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE ArcSight ESM 5.x before 5.6, 6.0, 6.5.x before 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express before 6.9.1, allows local users to gain privileges for command execution via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048452"
},
{
"name": "1035282",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035282"
}
]
}
}

220
2016/4xxx/CVE-2016-4302.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4302",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-4302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blog.talosintel.com/2016/06/the-poisoned-archives.html",
"refsource" : "MISC",
"url" : "http://blog.talosintel.com/2016/06/the-poisoned-archives.html"
},
{
"name" : "http://www.talosintel.com/reports/TALOS-2016-0154/",
"refsource" : "MISC",
"url" : "http://www.talosintel.com/reports/TALOS-2016-0154/"
},
{
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444",
"refsource" : "CONFIRM",
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444"
},
{
"name" : "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700",
"refsource" : "CONFIRM",
"url" : "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700"
},
{
"name" : "https://github.com/libarchive/libarchive/issues/719",
"refsource" : "CONFIRM",
"url" : "https://github.com/libarchive/libarchive/issues/719"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name" : "DSA-3657",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3657"
},
{
"name" : "GLSA-201701-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-03"
},
{
"name" : "RHSA-2016:1844",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1844.html"
},
{
"name" : "91331",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91331"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the parse_codes function in archive_read_support_format_rar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:1844",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1844.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "http://blog.talosintel.com/2016/06/the-poisoned-archives.html",
"refsource": "MISC",
"url": "http://blog.talosintel.com/2016/06/the-poisoned-archives.html"
},
{
"name": "http://www.talosintel.com/reports/TALOS-2016-0154/",
"refsource": "MISC",
"url": "http://www.talosintel.com/reports/TALOS-2016-0154/"
},
{
"name": "https://github.com/libarchive/libarchive/issues/719",
"refsource": "CONFIRM",
"url": "https://github.com/libarchive/libarchive/issues/719"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "91331",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91331"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1348444"
},
{
"name": "GLSA-201701-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-03"
},
{
"name": "DSA-3657",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3657"
},
{
"name": "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700",
"refsource": "CONFIRM",
"url": "https://github.com/libarchive/libarchive/commit/05caadc7eedbef471ac9610809ba683f0c698700"
}
]
}
}

120
2016/4xxx/CVE-2016-4370.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4370",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Project and Portfolio Management Center (PPM) 9.2x and 9.3x before 9.32.0002 allows remote authenticated users to execute arbitrary commands or obtain sensitive information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05167126"
}
]
}
}

120
2016/4xxx/CVE-2016-4507.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4507",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-4507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Rexroth Bosch BLADEcontrol-WebVIS 3.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-187-01"
}
]
}
}

34
2016/4xxx/CVE-2016-4515.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4515",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-4515",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}
}

160
2016/4xxx/CVE-2016-4620.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4620",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT207143",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207143"
},
{
"name" : "APPLE-SA-2016-09-13-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html"
},
{
"name" : "APPLE-SA-2016-09-20-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
},
{
"name" : "92932",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92932"
},
{
"name" : "1036797",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036797"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to directory metadata for SMS draft directories, which allows attackers to discover text-message recipients via a crafted app."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-09-20-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
},
{
"name": "1036797",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036797"
},
{
"name": "APPLE-SA-2016-09-13-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html"
},
{
"name": "92932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92932"
},
{
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
}
]
}
}

130
2016/4xxx/CVE-2016-4789.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4789",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209",
"refsource" : "CONFIRM",
"url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209"
},
{
"name" : "1035932",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035932"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the system configuration section in the administrative user interface in Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r9, and 7.4 before 7.4r13.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035932",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035932"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40209"
}
]
}
}

34
2019/3xxx/CVE-2019-3045.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3045",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3045",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3235.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3235",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3235",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3285.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3285",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3285",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3697.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3697",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3697",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3722.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3722",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3722",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4461.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4461",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4461",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4766.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4766",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4766",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4979.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4979",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4979",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6005.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6005",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6005",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/6xxx/CVE-2019-6104.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6104",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6104",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2019/6xxx/CVE-2019-6110.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6110",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "46193",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46193/"
},
{
"name" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c",
"refsource" : "MISC",
"url" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c"
},
{
"name" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c",
"refsource" : "MISC",
"url" : "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c"
},
{
"name" : "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt",
"refsource" : "MISC",
"url" : "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20190213-0001/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20190213-0001/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.netapp.com/advisory/ntap-20190213-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190213-0001/"
},
{
"name": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c",
"refsource": "MISC",
"url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c"
},
{
"name": "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c",
"refsource": "MISC",
"url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c"
},
{
"name": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt",
"refsource": "MISC",
"url": "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt"
},
{
"name": "46193",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46193/"
}
]
}
}

34
2019/6xxx/CVE-2019-6415.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6415",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6415",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7418.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7418",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7418",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7712.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7712",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7712",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7956.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7956",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7956",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8089.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8089",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8089",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8128.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8128",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8128",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8605.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8605",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8605",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8834.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8834",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8834",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9332.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9332",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9332",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9338.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9338",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9338",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}