admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:28:18 +00:00
parent fd89b21df7
commit 2f68b708b2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 3887 additions and 3887 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
1999/0xxx/CVE-1999-0463.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0463", "ID": "CVE-1999-0463",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Remote attackers can perform a denial of service using IRIX fcagent."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19981201-01-PX", "description_data": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/19981201-01-PX" "lang": "eng",
} "value": "Remote attackers can perform a denial of service using IRIX fcagent."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981201-01-PX",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19981201-01-PX"
}
]
}
} }

138
2007/0xxx/CVE-2007-0091.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0091", "ID": "CVE-2007-0091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "newsCMSlite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for newsCMS.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3066", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3066" "lang": "eng",
}, "value": "newsCMSlite stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for newsCMS.mdb."
{ }
"name" : "37548", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/37548" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "newscmslite-newscms-info-disclosure(31222)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31222" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "newscmslite-newscms-info-disclosure(31222)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31222"
},
{
"name": "3066",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3066"
},
{
"name": "37548",
"refsource": "OSVDB",
"url": "http://osvdb.org/37548"
}
]
}
} }

168
2007/0xxx/CVE-2007-0705.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0705", "ID": "CVE-2007-0705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.fenrir.co.jp/press/20070126_2.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.fenrir.co.jp/press/20070126_2.html" "lang": "eng",
}, "value": "Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html", ]
"refsource" : "MISC", },
"url" : "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#93700808", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2393700808/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0364", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0364" ]
}, },
{ "references": {
"name" : "32977", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32977" "name": "ADV-2007-0364",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0364"
"name" : "23927", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23927" "name": "http://www.fenrir.co.jp/press/20070126_2.html",
} "refsource": "MISC",
] "url": "http://www.fenrir.co.jp/press/20070126_2.html"
} },
{
"name": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"name": "JVN#93700808",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"name": "32977",
"refsource": "OSVDB",
"url": "http://osvdb.org/32977"
},
{
"name": "23927",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23927"
}
]
}
} }

198
2007/0xxx/CVE-2007-0719.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0719", "ID": "CVE-2007-0719",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=305214", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305214" "lang": "eng",
}, "value": "Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote user-assisted attackers to execute arbitrary code via an image with a crafted ColorSync profile."
{ }
"name" : "APPLE-SA-2007-03-13", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-072A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#449440", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/449440" ]
}, },
{ "references": {
"name" : "22948", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22948" "name": "VU#449440",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/449440"
"name" : "ADV-2007-0930", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0930" "name": "TA07-072A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
"name" : "34845", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34845" "name": "APPLE-SA-2007-03-13",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
"name" : "1017751", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017751" "name": "22948",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22948"
"name" : "24479", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24479" "name": "http://docs.info.apple.com/article.html?artnum=305214",
} "refsource": "CONFIRM",
] "url": "http://docs.info.apple.com/article.html?artnum=305214"
} },
{
"name": "1017751",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017751"
},
{
"name": "34845",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34845"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
} }

168
2007/0xxx/CVE-2007-0765.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0765", "ID": "CVE-2007-0765",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and earlier allows remote attackers to execute arbitrary SQL commands via the c_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3256", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3256" "lang": "eng",
}, "value": "SQL injection vulnerability in news.php in dB Masters Curium CMS 1.03 and earlier allows remote attackers to execute arbitrary SQL commands via the c_id parameter."
{ }
"name" : "22373", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22373" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0474", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0474" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33111", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33111" ]
}, },
{ "references": {
"name" : "24032", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24032" "name": "3256",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/3256"
"name" : "curium-news-sql-injection(32148)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32148" "name": "ADV-2007-0474",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/0474"
} },
{
"name": "curium-news-sql-injection(32148)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32148"
},
{
"name": "33111",
"refsource": "OSVDB",
"url": "http://osvdb.org/33111"
},
{
"name": "24032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24032"
},
{
"name": "22373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22373"
}
]
}
} }

148
2007/0xxx/CVE-2007-0811.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0811", "ID": "CVE-2007-0811",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3272", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3272" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6.0 SP1 on Windows 2000, and 6.0 SP2 on Windows XP, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an HTML document containing a certain JavaScript for loop with an empty loop body, possibly involving getElementById."
{ }
"name" : "http://www.powerhacker.net/exploit/IE_NULL_CRASH.html", ]
"refsource" : "MISC", },
"url" : "http://www.powerhacker.net/exploit/IE_NULL_CRASH.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22408", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22408" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37636", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37636" ]
} },
] "references": {
} "reference_data": [
{
"name": "37636",
"refsource": "OSVDB",
"url": "http://osvdb.org/37636"
},
{
"name": "22408",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22408"
},
{
"name": "3272",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3272"
},
{
"name": "http://www.powerhacker.net/exploit/IE_NULL_CRASH.html",
"refsource": "MISC",
"url": "http://www.powerhacker.net/exploit/IE_NULL_CRASH.html"
}
]
}
} }

178
2007/1xxx/CVE-2007-1109.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1109", "ID": "CVE-2007-1109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Phpwebgallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) login or (2) mail_address field in Register.php, or the (3) search_author, (4) mode, (5) start_year, (6) end_year, or (7) date_type field in Search.php, a different vulnerability than CVE-2006-1674. NOTE: 1.6.2 and other versions might also be affected."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070224 Phpwebgallery-1.4.1, Multiple Cross Site Scripting", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/461160/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Phpwebgallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) login or (2) mail_address field in Register.php, or the (3) search_author, (4) mode, (5) start_year, (6) end_year, or (7) date_type field in Search.php, a different vulnerability than CVE-2006-1674. NOTE: 1.6.2 and other versions might also be affected."
{ }
"name" : "22711", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22711" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33761", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33761" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33762", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33762" ]
}, },
{ "references": {
"name" : "24308", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24308" "name": "33762",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/33762"
"name" : "2298", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2298" "name": "2298",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2298"
"name" : "phpwebgallery-register-search-xss(32687)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32687" "name": "20070224 Phpwebgallery-1.4.1, Multiple Cross Site Scripting",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/461160/100/0/threaded"
} },
{
"name": "24308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24308"
},
{
"name": "22711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22711"
},
{
"name": "phpwebgallery-register-search-xss(32687)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32687"
},
{
"name": "33761",
"refsource": "OSVDB",
"url": "http://osvdb.org/33761"
}
]
}
} }

198
2007/1xxx/CVE-2007-1540.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1540", "ID": "CVE-2007-1540",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and earlier, and (2) LedgerSMB before 1.2.0, allows remote attackers to run arbitrary executables and bypass authentication via a .. (dot dot) sequence and trailing NULL (%00) in the login parameter. NOTE: this issue was reportedly addressed in SQL-Ledger 2.6.27, however third-party researchers claim that the file is still executed even though an error is generated."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070318 Full Disclosure: Arbitrary execution vulnerability in SQL-Ledger and LedgerSMB", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/463175/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in am.pl in (1) SQL-Ledger 2.6.27 and earlier, and (2) LedgerSMB before 1.2.0, allows remote attackers to run arbitrary executables and bypass authentication via a .. (dot dot) sequence and trailing NULL (%00) in the login parameter. NOTE: this issue was reportedly addressed in SQL-Ledger 2.6.27, however third-party researchers claim that the file is still executed even though an error is generated."
{ }
"name" : "http://sourceforge.net/project/shownotes.php?release_id=494462&group_id=175965", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/project/shownotes.php?release_id=494462&group_id=175965" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23034", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23034" ]
}, },
{ "references": {
"name" : "ADV-2007-1024", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1024" "name": "24560",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24560"
"name" : "ADV-2007-1025", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1025" "name": "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New",
}, "refsource": "CONFIRM",
{ "url": "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New"
"name" : "33624", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/33624" "name": "http://sourceforge.net/project/shownotes.php?release_id=494462&group_id=175965",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?release_id=494462&group_id=175965"
"name" : "24560", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24560" "name": "33624",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/33624"
"name" : "24585", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24585" "name": "ADV-2007-1024",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1024"
} },
{
"name": "ADV-2007-1025",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1025"
},
{
"name": "24585",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24585"
},
{
"name": "20070318 Full Disclosure: Arbitrary execution vulnerability in SQL-Ledger and LedgerSMB",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463175/100/0/threaded"
},
{
"name": "23034",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23034"
}
]
}
} }

198
2007/1xxx/CVE-2007-1593.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1593", "ID": "CVE-2007-1593",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070601 Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=539" "lang": "eng",
}, "value": "The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer."
{ }
"name" : "http://cirt.dk/advisories/cirt-53-advisory.txt", ]
"refsource" : "MISC", },
"url" : "http://cirt.dk/advisories/cirt-53-advisory.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.symantec.com/avcenter/security/Content/2007.06.01a.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/avcenter/security/Content/2007.06.01a.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24160", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/24160" ]
}, },
{ "references": {
"name" : "36102", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36102" "name": "http://cirt.dk/advisories/cirt-53-advisory.txt",
}, "refsource": "MISC",
{ "url": "http://cirt.dk/advisories/cirt-53-advisory.txt"
"name" : "ADV-2007-2036", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2036" "name": "symantec-vvr-dos(34676)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34676"
"name" : "1018184", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018184" "name": "36102",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36102"
"name" : "25516", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25516" "name": "25516",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25516"
"name" : "symantec-vvr-dos(34676)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34676" "name": "http://www.symantec.com/avcenter/security/Content/2007.06.01a.html",
} "refsource": "CONFIRM",
] "url": "http://www.symantec.com/avcenter/security/Content/2007.06.01a.html"
} },
{
"name": "1018184",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018184"
},
{
"name": "ADV-2007-2036",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2036"
},
{
"name": "24160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24160"
},
{
"name": "20070601 Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=539"
}
]
}
} }

368
2007/1xxx/CVE-2007-1711.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1711", "ID": "CVE-2007-1711",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/466166/100/0/threaded" "lang": "eng",
}, "value": "Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to (1) the GLOBALS array or (2) the session data in _SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701 (MOPB-31-2007)."
{ }
"name" : "http://www.php-security.org/MOPB/MOPB-32-2007.html", ]
"refsource" : "MISC", },
"url" : "http://www.php-security.org/MOPB/MOPB-32-2007.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://issues.rpath.com/browse/RPL-1268", "description": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1268" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=306172", ]
"refsource" : "CONFIRM", }
"url" : "http://docs.info.apple.com/article.html?artnum=306172" ]
}, },
{ "references": {
"name" : "APPLE-SA-2007-07-31", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" "name": "ADV-2007-2732",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2732"
"name" : "DSA-1282", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1282" "name": "23121",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23121"
"name" : "DSA-1283", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1283" "name": "DSA-1283",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1283"
"name" : "GLSA-200705-19", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200705-19.xml" "name": "RHSA-2007:0154",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2007-0154.html"
"name" : "MDKSA-2007:087", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087" "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded"
"name" : "MDKSA-2007:088", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088" "name": "APPLE-SA-2007-07-31",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
"name" : "RHSA-2007:0154", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0154.html" "name": "GLSA-200705-19",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml"
"name" : "RHSA-2007:0155", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0155.html" "name": "24941",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24941"
"name" : "RHSA-2007:0163", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0163.html" "name": "25062",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25062"
"name" : "23121", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23121" "name": "oval:org.mitre.oval:def:10406",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406"
"name" : "25159", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25159" "name": "MDKSA-2007:087",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087"
"name" : "oval:org.mitre.oval:def:10406", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10406" "name": "24945",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24945"
"name" : "ADV-2007-2732", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2732" "name": "DSA-1282",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1282"
"name" : "24910", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24910" "name": "https://issues.rpath.com/browse/RPL-1268",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1268"
"name" : "24924", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24924" "name": "http://docs.info.apple.com/article.html?artnum=306172",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=306172"
"name" : "24945", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24945" "name": "php-deserializer-code-execution(33575)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575"
"name" : "24941", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24941" "name": "24924",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24924"
"name" : "25025", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25025" "name": "RHSA-2007:0155",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html"
"name" : "25062", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25062" "name": "24910",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24910"
"name" : "25445", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25445" "name": "25159",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25159"
"name" : "26235", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26235" "name": "25445",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25445"
"name" : "php-deserializer-code-execution(33575)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33575" "name": "http://www.php-security.org/MOPB/MOPB-32-2007.html",
} "refsource": "MISC",
] "url": "http://www.php-security.org/MOPB/MOPB-32-2007.html"
} },
{
"name": "RHSA-2007:0163",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0163.html"
},
{
"name": "25025",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25025"
},
{
"name": "MDKSA-2007:088",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
} }

178
2007/1xxx/CVE-2007-1916.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1916", "ID": "CVE-2007-1916",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070404 CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464680/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
{ }
"name" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_GUI_RFC_Function_Buffer_Overflow.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_GUI_RFC_Function_Buffer_Overflow.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23304", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23304" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1270", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1270" ]
}, },
{ "references": {
"name" : "24722", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24722" "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_GUI_RFC_Function_Buffer_Overflow.pdf",
}, "refsource": "MISC",
{ "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_GUI_RFC_Function_Buffer_Overflow.pdf"
"name" : "2537", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2537" "name": "sap-rfc-startgui-bo(33420)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33420"
"name" : "sap-rfc-startgui-bo(33420)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33420" "name": "23304",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23304"
} },
{
"name": "2537",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2537"
},
{
"name": "20070404 CYBSEC Security Pre-Advisory: SAP RFC_START_GUI RFC Function Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464680/100/0/threaded"
},
{
"name": "24722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24722"
},
{
"name": "ADV-2007-1270",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1270"
}
]
}
} }

138
2007/5xxx/CVE-2007-5126.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5126", "ID": "CVE-2007-5126",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000147", "description_data": [
"refsource" : "MISC", {
"url" : "http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000147" "lang": "eng",
}, "value": "Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine."
{ }
"name" : "25793", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25793" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45522", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45522" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000147",
"refsource": "MISC",
"url": "http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000147"
},
{
"name": "25793",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25793"
},
{
"name": "45522",
"refsource": "OSVDB",
"url": "http://osvdb.org/45522"
}
]
}
} }

148
2007/5xxx/CVE-2007-5564.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5564", "ID": "CVE-2007-5564",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (formerly Simple PHP Forum) 6.1 allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags when BBcode is disabled; or the (2) user, (3) email, or (4) Real Name fields in a profile."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071014 HTML Injection Vuln in nssboard", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482312/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (formerly Simple PHP Forum) 6.1 allow remote attackers to inject arbitrary web script or HTML via (1) HTML tags when BBcode is disabled; or the (2) user, (3) email, or (4) Real Name fields in a profile."
{ }
"name" : "26081", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26081" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3246", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3246" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "nssboard-profile-xss(37218)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37218" ]
} },
] "references": {
} "reference_data": [
{
"name": "nssboard-profile-xss(37218)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37218"
},
{
"name": "3246",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3246"
},
{
"name": "20071014 HTML Injection Vuln in nssboard",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482312/100/0/threaded"
},
{
"name": "26081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26081"
}
]
}
} }

248
2007/5xxx/CVE-2007-5687.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5687", "ID": "CVE-2007-5687",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1" "lang": "eng",
}, "value": "Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL."
{ }
"name" : "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2", ]
"refsource" : "MISC", },
"url" : "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3", "description": [
"refsource" : "MISC", {
"url" : "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html", ]
"refsource" : "MISC", }
"url" : "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html" ]
}, },
{ "references": {
"name" : "http://www.justsystems.com/jp/info/pd7004.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.justsystems.com/jp/info/pd7004.html" "name": "justsystems-jstar04-bo(38130)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38130"
"name" : "JVN#29211062", },
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2329211062/index.html" "name": "26206",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26206"
"name" : "JVN#32981509", },
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2332981509/index.html" "name": "27393",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27393"
"name" : "JVN#50495547", },
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2350495547/index.html" "name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2",
}, "refsource": "MISC",
{ "url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2"
"name" : "26206", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26206" "name": "JVN#50495547",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2350495547/index.html"
"name" : "ADV-2007-3623", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3623" "name": "JVN#29211062",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2329211062/index.html"
"name" : "39394", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39394" "name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3",
}, "refsource": "MISC",
{ "url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3"
"name" : "27393", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27393" "name": "39394",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39394"
"name" : "justsystems-jstar04-bo(38130)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38130" "name": "http://www.justsystems.com/jp/info/pd7004.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.justsystems.com/jp/info/pd7004.html"
"name" : "justsystems-tjsvda-bo(38129)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38129" "name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1",
} "refsource": "MISC",
] "url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1"
} },
{
"name": "justsystems-tjsvda-bo(38129)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38129"
},
{
"name": "ADV-2007-3623",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3623"
},
{
"name": "JVN#32981509",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2332981509/index.html"
},
{
"name": "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html"
}
]
}
} }

188
2015/3xxx/CVE-2015-3099.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-3099", "ID": "CVE-2015-3099",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3102."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html" "lang": "eng",
}, "value": "Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3102."
{ }
"name" : "GLSA-201506-01", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201506-01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:1086", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1086.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2015:1043", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1047", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html" "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html",
}, "refsource": "CONFIRM",
{ "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html"
"name" : "openSUSE-SU-2015:1061", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html" "name": "75080",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/75080"
"name" : "75080", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75080" "name": "1032519",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032519"
"name" : "1032519", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032519" "name": "openSUSE-SU-2015:1047",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html"
} },
{
"name": "GLSA-201506-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-01"
},
{
"name": "SUSE-SU-2015:1043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html"
},
{
"name": "openSUSE-SU-2015:1061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html"
},
{
"name": "RHSA-2015:1086",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1086.html"
}
]
}
} }

158
2015/3xxx/CVE-2015-3174.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3174", "ID": "CVE-2015-3174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISK_XSS bit for graders, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted gradebook feedback during manual quiz grading."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150518 Moodle security advisories [vs]", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2015/05/18/1" "lang": "eng",
}, "value": "mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISK_XSS bit for graders, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted gradebook feedback during manual quiz grading."
{ }
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941", ]
"refsource" : "CONFIRM", },
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://moodle.org/mod/forum/discuss.php?d=313681", "description": [
"refsource" : "CONFIRM", {
"url" : "https://moodle.org/mod/forum/discuss.php?d=313681" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "74719", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/74719" ]
}, },
{ "references": {
"name" : "1032358", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032358" "name": "1032358",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1032358"
} },
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49941"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=313681",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=313681"
},
{
"name": "[oss-security] 20150518 Moodle security advisories [vs]",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/05/18/1"
},
{
"name": "74719",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74719"
}
]
}
} }

208
2015/3xxx/CVE-2015-3745.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3745", "ID": "CVE-2015-3745",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3."
{ }
"name" : "https://support.apple.com/kb/HT205033", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205033" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT205221", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205221" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2015-08-13-3", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" "name": "https://support.apple.com/HT205221",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT205221"
"name" : "APPLE-SA-2015-09-16-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html" "name": "1033274",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033274"
"name" : "openSUSE-SU-2016:0915", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html" "name": "https://support.apple.com/kb/HT205030",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205030"
"name" : "USN-2937-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2937-1" "name": "APPLE-SA-2015-09-16-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
"name" : "76338", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76338" "name": "APPLE-SA-2015-08-13-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
"name" : "1033274", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033274" "name": "openSUSE-SU-2016:0915",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html"
} },
{
"name": "76338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76338"
},
{
"name": "APPLE-SA-2015-08-13-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html"
},
{
"name": "https://support.apple.com/kb/HT205033",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205033"
},
{
"name": "USN-2937-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2937-1"
}
]
}
} }

158
2015/3xxx/CVE-2015-3940.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-3940", "ID": "CVE-2015-3940",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory."
{ }
"name" : "http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf", ]
"refsource" : "CONFIRM", },
"url" : "http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75297", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75297" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033179", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033179" ]
}, },
{ "references": {
"name" : "1033180", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033180" "name": "1033179",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1033179"
} },
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-169-02"
},
{
"name": "1033180",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033180"
},
{
"name": "http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf",
"refsource": "CONFIRM",
"url": "http://iom.invensys.com/EN/pdfLibrary/Security_Bulletin_LFSEC00000106.pdf"
},
{
"name": "75297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75297"
}
]
}
} }

138
2015/3xxx/CVE-2015-3981.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3981", "ID": "CVE-2015-3981",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP NetWeaver RFC SDK allows attackers to obtain sensitive information via unspecified vectors, aka SAP Security Note 2084037."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://erpscan.io/press-center/blog/sap-security-notes-april-2015/", "description_data": [
"refsource" : "MISC", {
"url" : "https://erpscan.io/press-center/blog/sap-security-notes-april-2015/" "lang": "eng",
}, "value": "SAP NetWeaver RFC SDK allows attackers to obtain sensitive information via unspecified vectors, aka SAP Security Note 2084037."
{ }
"name" : "74627", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74627" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032308", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032308" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "74627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74627"
},
{
"name": "https://erpscan.io/press-center/blog/sap-security-notes-april-2015/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-april-2015/"
},
{
"name": "1032308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032308"
}
]
}
} }

128
2015/3xxx/CVE-2015-3993.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3993", "ID": "CVE-2015-3993",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Actian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows remote authenticated users to bypass intended write-access restrictions and execute an UPDATE statement by referencing a table."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://supportservices.actian.com/images/pdf/Actian-SecAlert_May_2015_NO2_final.doc", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://supportservices.actian.com/images/pdf/Actian-SecAlert_May_2015_NO2_final.doc" "lang": "eng",
}, "value": "Actian Matrix 5.1.x through 5.1.2.4 and 5.2.x through 5.2.0.1 allows remote authenticated users to bypass intended write-access restrictions and execute an UPDATE statement by referencing a table."
{ }
"name" : "75187", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75187" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75187"
},
{
"name": "http://supportservices.actian.com/images/pdf/Actian-SecAlert_May_2015_NO2_final.doc",
"refsource": "CONFIRM",
"url": "http://supportservices.actian.com/images/pdf/Actian-SecAlert_May_2015_NO2_final.doc"
}
]
}
} }

32
2015/6xxx/CVE-2015-6222.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6222", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6222",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

32
2015/6xxx/CVE-2015-6439.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6439", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6439",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

128
2015/7xxx/CVE-2015-7305.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7305", "ID": "CVE-2015-7305",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a \"debug context.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/node/2569631", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2569631" "lang": "eng",
}, "value": "The Scald module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to fields, which allows remote attackers to obtain sensitive atom property information via vectors involving a \"debug context.\""
{ }
"name" : "https://www.drupal.org/node/2569621", ]
"refsource" : "CONFIRM", },
"url" : "https://www.drupal.org/node/2569621" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.drupal.org/node/2569621",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2569621"
},
{
"name": "https://www.drupal.org/node/2569631",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2569631"
}
]
}
} }

148
2015/7xxx/CVE-2015-7312.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7312", "ID": "CVE-2015-7312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[aufs] 20150910 Re: concurrent msync triggers NULL pointer dereference", "description_data": [
"refsource" : "MLIST", {
"url" : "http://sourceforge.net/p/aufs/mailman/message/34449209/" "lang": "eng",
}, "value": "Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-after-free and BUG) or possibly gain privileges via a (1) madvise or (2) msync system call, related to mm/madvise.c and mm/msync.c."
{ }
"name" : "[oss-security] 20150922 Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/09/22/10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3364", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3364" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-2777-1", ]
"refsource" : "UBUNTU", }
"url" : "http://www.ubuntu.com/usn/USN-2777-1" ]
} },
] "references": {
} "reference_data": [
{
"name": "DSA-3364",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3364"
},
{
"name": "[aufs] 20150910 Re: concurrent msync triggers NULL pointer dereference",
"refsource": "MLIST",
"url": "http://sourceforge.net/p/aufs/mailman/message/34449209/"
},
{
"name": "[oss-security] 20150922 Re: CVE request: Use-after-free in Linux kernel with aufs mmap patch",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/22/10"
},
{
"name": "USN-2777-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2777-1"
}
]
}
} }

128
2015/7xxx/CVE-2015-7463.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-7463", "ID": "CVE-2015-7463",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2 allow remote authenticated users to delete process and task data by leveraging incorrect authorization checks. IBM X-Force ID: 108393."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973442", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21973442" "lang": "eng",
}, "value": "IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2 allow remote authenticated users to delete process and task data by leveraging incorrect authorization checks. IBM X-Force ID: 108393."
{ }
"name" : "ibm-bpm-cve20157463-sec-bypass(108393)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/108393" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-bpm-cve20157463-sec-bypass(108393)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108393"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21973442",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21973442"
}
]
}
} }

138
2015/7xxx/CVE-2015-7541.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-7541", "ID": "CVE-2015-7541",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160104 Remote Command Injection in Ruby Gem colorscore <=0.0.4", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/01/05/2" "lang": "eng",
}, "value": "The initialize method in the Histogram class in lib/colorscore/histogram.rb in the colorscore gem before 0.0.5 for Ruby allows context-dependent attackers to execute arbitrary code via shell metacharacters in the (1) image_path, (2) colors, or (3) depth variable."
{ }
"name" : "http://rubysec.com/advisories/CVE-2015-7541/", ]
"refsource" : "MISC", },
"url" : "http://rubysec.com/advisories/CVE-2015-7541/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/quadule/colorscore/commit/570b5e854cecddd44d2047c44126aed951b61718", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/quadule/colorscore/commit/570b5e854cecddd44d2047c44126aed951b61718" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rubysec.com/advisories/CVE-2015-7541/",
"refsource": "MISC",
"url": "http://rubysec.com/advisories/CVE-2015-7541/"
},
{
"name": "[oss-security] 20160104 Remote Command Injection in Ruby Gem colorscore <=0.0.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/05/2"
},
{
"name": "https://github.com/quadule/colorscore/commit/570b5e854cecddd44d2047c44126aed951b61718",
"refsource": "CONFIRM",
"url": "https://github.com/quadule/colorscore/commit/570b5e854cecddd44d2047c44126aed951b61718"
}
]
}
} }

568
2015/7xxx/CVE-2015-7872.json
View File

@ -1,287 +1,287 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-7872", "ID": "CVE-2015-7872",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20151020 Re: CVE request: crash when attempt to garbage collect an uninstantiated keyring - Linux kernel", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/10/20/6" "lang": "eng",
}, "value": "The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1272172", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1272172" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1272371", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1272371" "name": "SUSE-SU-2015:2292",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html"
"name" : "https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c" "name": "RHSA-2015:2636",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
"name" : "https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61" "name": "RHSA-2016:0212",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0212.html"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" "name": "SUSE-SU-2016:0337",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "name": "SUSE-SU-2015:2350",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html"
"name" : "https://source.android.com/security/bulletin/2016-12-01.html", },
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-12-01.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1272172",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272172"
"name" : "DSA-3396", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3396" "name": "SUSE-SU-2016:0434",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html"
"name" : "HPSBGN03565", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=145975164525836&w=2" "name": "USN-2826-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2826-1"
"name" : "RHSA-2016:0185", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0185.html" "name": "https://source.android.com/security/bulletin/2016-12-01.html",
}, "refsource": "CONFIRM",
{ "url": "https://source.android.com/security/bulletin/2016-12-01.html"
"name" : "RHSA-2016:0212", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0212.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1272371",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1272371"
"name" : "RHSA-2016:0224", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0224.html" "name": "USN-2840-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2840-1"
"name" : "RHSA-2015:2636", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2636.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068676"
"name" : "SUSE-SU-2016:2074", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" "name": "HPSBGN03565",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=145975164525836&w=2"
"name" : "openSUSE-SU-2016:1008", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "SUSE-SU-2016:0335", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html" "name": "USN-2843-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2843-1"
"name" : "SUSE-SU-2016:0337", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00009.html" "name": "SUSE-SU-2015:2194",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html"
"name" : "SUSE-SU-2016:0354", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html" "name": "[oss-security] 20151020 Re: CVE request: crash when attempt to garbage collect an uninstantiated keyring - Linux kernel",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/10/20/6"
"name" : "SUSE-SU-2016:0380", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html" "name": "SUSE-SU-2016:0380",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00017.html"
"name" : "SUSE-SU-2016:0381", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html" "name": "USN-2829-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2829-2"
"name" : "SUSE-SU-2016:0383", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html" "name": "SUSE-SU-2016:0354",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html"
"name" : "SUSE-SU-2016:0384", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html" "name": "USN-2843-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2843-2"
"name" : "SUSE-SU-2016:0386", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html" "name": "SUSE-SU-2016:0335",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00007.html"
"name" : "SUSE-SU-2016:0387", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html" "name": "SUSE-SU-2015:2339",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html"
"name" : "SUSE-SU-2016:0434", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00034.html" "name": "SUSE-SU-2015:2108",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html"
"name" : "SUSE-SU-2015:2108", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "SUSE-SU-2015:2194", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html" "name": "RHSA-2016:0185",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0185.html"
"name" : "SUSE-SU-2015:2292", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00018.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce1fad2740c648a4340f6f6c391a8a83769d2e8c"
"name" : "SUSE-SU-2015:2339", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" "name": "USN-2840-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2840-2"
"name" : "SUSE-SU-2015:2350", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" "name": "https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/f05819df10d7b09f6d1eb6f8534a8f68e5a4fe61"
"name" : "USN-2843-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2843-1" "name": "SUSE-SU-2016:0383",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00019.html"
"name" : "USN-2843-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2843-2" "name": "USN-2829-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2829-1"
"name" : "USN-2843-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2843-3" "name": "USN-2823-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2823-1"
"name" : "USN-2823-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2823-1" "name": "SUSE-SU-2016:0386",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00021.html"
"name" : "USN-2824-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2824-1" "name": "RHSA-2016:0224",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0224.html"
"name" : "USN-2826-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2826-1" "name": "SUSE-SU-2016:2074",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
"name" : "USN-2829-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2829-1" "name": "1034472",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034472"
"name" : "USN-2829-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2829-2" "name": "SUSE-SU-2016:0384",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00020.html"
"name" : "USN-2840-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2840-1" "name": "USN-2843-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2843-3"
"name" : "USN-2840-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2840-2" "name": "https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/ce1fad2740c648a4340f6f6c391a8a83769d2e8c"
"name" : "77544", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77544" "name": "DSA-3396",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3396"
"name" : "1034472", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034472" "name": "openSUSE-SU-2016:1008",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
} },
{
"name": "SUSE-SU-2016:0387",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00022.html"
},
{
"name": "USN-2824-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2824-1"
},
{
"name": "77544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77544"
},
{
"name": "SUSE-SU-2016:0381",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00018.html"
}
]
}
} }

138
2015/8xxx/CVE-2015-8004.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8004", "ID": "CVE-2015-8004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid a change form."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[MediaWiki-announce] 20151016 Security Release: 1.25.3, 1.24.4 and 1.23.11", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html" "lang": "eng",
}, "value": "MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid a change form."
{ }
"name" : "https://phabricator.wikimedia.org/T95589", ]
"refsource" : "CONFIRM", },
"url" : "https://phabricator.wikimedia.org/T95589" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034028", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034028" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://phabricator.wikimedia.org/T95589",
"refsource": "CONFIRM",
"url": "https://phabricator.wikimedia.org/T95589"
},
{
"name": "1034028",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034028"
},
{
"name": "[MediaWiki-announce] 20151016 Security Release: 1.25.3, 1.24.4 and 1.23.11",
"refsource": "MLIST",
"url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000181.html"
}
]
}
} }

32
2015/8xxx/CVE-2015-8170.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8170", "ID": "CVE-2015-8170",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2015/8xxx/CVE-2015-8529.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8529", "ID": "CVE-2015-8529",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2016/0xxx/CVE-2016-0071.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0071", "ID": "CVE-2016-0071",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-009", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
{ }
"name" : "1034971", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034971" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034971",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034971"
},
{
"name": "MS16-009",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009"
}
]
}
} }

128
2016/0xxx/CVE-2016-0454.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0454", "ID": "CVE-2016-0454",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager."
{ }
"name" : "1034726", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034726" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034726"
}
]
}
} }

128
2016/0xxx/CVE-2016-0947.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0947", "ID": "CVE-2016-0947",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Adobe Download Manager, as used in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X, allows local users to gain privileges via a crafted resource in an unspecified directory."
{ }
"name" : "1034646", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034646" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034646",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034646"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
}
]
}
} }

128
2016/1xxx/CVE-2016-1210.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1210", "ID": "CVE-2016-1210",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The 105 BANK app 1.0 and 1.1 for Android and 1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "JVN#11877654", "description_data": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN11877654/index.html" "lang": "eng",
}, "value": "The 105 BANK app 1.0 and 1.1 for Android and 1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "JVNDB-2016-000065", ]
"refsource" : "JVNDB", },
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000065.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000065",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000065.html"
},
{
"name": "JVN#11877654",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN11877654/index.html"
}
]
}
} }

148
2016/1xxx/CVE-2016-1319.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1319", "ID": "CVE-2016-1319",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160208 Cisco Unified Products Information Disclosure Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm" "lang": "eng",
}, "value": "Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958."
{ }
"name" : "1034958", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034958" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034959", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034959" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034960", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034960" ]
} },
] "references": {
} "reference_data": [
{
"name": "1034958",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034958"
},
{
"name": "20160208 Cisco Unified Products Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-ucm"
},
{
"name": "1034959",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034959"
},
{
"name": "1034960",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034960"
}
]
}
} }

178
2016/1xxx/CVE-2016-1784.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1784", "ID": "CVE-2016-1784",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT206166", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206166" "lang": "eng",
}, "value": "The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site."
{ }
"name" : "https://support.apple.com/HT206169", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT206169" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT206171", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206171" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2016-03-21-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2016-03-21-3", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" "name": "APPLE-SA-2016-03-21-6",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html"
"name" : "APPLE-SA-2016-03-21-6", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html" "name": "1035353",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035353"
"name" : "1035353", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035353" "name": "APPLE-SA-2016-03-21-1",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
} },
{
"name": "https://support.apple.com/HT206171",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206171"
},
{
"name": "APPLE-SA-2016-03-21-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"
},
{
"name": "https://support.apple.com/HT206169",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206169"
},
{
"name": "https://support.apple.com/HT206166",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206166"
}
]
}
} }

32
2016/1xxx/CVE-2016-1871.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1871", "ID": "CVE-2016-1871",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

218
2016/5xxx/CVE-2016-5262.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-5262", "ID": "CVE-2016-5262",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox=\"allow-scripts\" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-76.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-76.html" "lang": "eng",
}, "value": "Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 process JavaScript event-handler attributes of a MARQUEE element within a sandboxed IFRAME element that lacks the sandbox=\"allow-scripts\" attribute value, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1277475", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1277475" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3640", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3640" ]
}, },
{ "references": {
"name" : "GLSA-201701-15", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-15" "name": "DSA-3640",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3640"
"name" : "RHSA-2016:1551", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1551.html" "name": "1036508",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036508"
"name" : "openSUSE-SU-2016:1964", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
"name" : "openSUSE-SU-2016:2026", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html" "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-76.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-76.html"
"name" : "USN-3044-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3044-1" "name": "USN-3044-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3044-1"
"name" : "92258", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92258" "name": "92258",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92258"
"name" : "1036508", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036508" "name": "RHSA-2016:1551",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-1551.html"
} },
{
"name": "GLSA-201701-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-15"
},
{
"name": "openSUSE-SU-2016:1964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"
},
{
"name": "openSUSE-SU-2016:2026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1277475",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1277475"
}
]
}
} }

138
2016/5xxx/CVE-2016-5826.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5826", "ID": "CVE-2016-5826",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/25/4" "lang": "eng",
}, "value": "The parser_get_next_char function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (out-of-bounds heap read) by crafting a string to the icalparser_parse_string function."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041", ]
"refsource" : "MISC", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91459", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91459" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "91459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91459"
},
{
"name": "[oss-security] 20160625 Re: libical 0.47 SEGV on unknown address",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/4"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1281041"
}
]
}
} }

128
2016/5xxx/CVE-2016-5850.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5850", "ID": "CVE-2016-5850",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-01-publiccloud-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-01-publiccloud-en" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the volume backup service module in Huawei Public Cloud Solution before 1.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "91513", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91513" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-01-publiccloud-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160629-01-publiccloud-en"
},
{
"name": "91513",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91513"
}
]
}
} }

196
2019/0xxx/CVE-2019-0004.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC" : "2019-01-09T17:00:00.000Z", "DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
"ID" : "CVE-2019-0004", "ID": "CVE-2019-0004",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Juniper ATP: API and device keys are logged in a world-readable permissions file" "TITLE": "Juniper ATP: API and device keys are logged in a world-readable permissions file"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Juniper ATP", "product_name": "Juniper ATP",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_name" : "5.0", "version_name": "5.0",
"version_value" : "5.0.3" "version_value": "5.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Juniper Networks" "vendor_name": "Juniper Networks"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. These keys are used for performing critical operations on the WebUI interface. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-532 - Information Exposure Through Log Files"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kb.juniper.net/JSA10918", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kb.juniper.net/JSA10918" "lang": "eng",
} "value": "On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. These keys are used for performing critical operations on the WebUI interface. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."
] }
}, ]
"solution" : [ },
{ "impact": {
"lang" : "eng", "cvss": {
"value" : "The following software release have been updated to resolve this specific issue: 5.0.3 and all subsequent releases.\nIt is also recommended to change the device key after the upgrade." "attackComplexity": "LOW",
} "attackVector": "LOCAL",
], "availabilityImpact": "HIGH",
"source" : { "baseScore": 7.8,
"advisory" : "JSA10918", "baseSeverity": "HIGH",
"defect" : [ "confidentialityImpact": "HIGH",
"1365691" "integrityImpact": "HIGH",
], "privilegesRequired": "LOW",
"discovery" : "INTERNAL" "scope": "UNCHANGED",
}, "userInteraction": "NONE",
"work_around" : [ "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
{ "version": "3.0"
"lang" : "eng", }
"value" : "There are no known workarounds for this issue, however limit the access to only trusted administrators from trusted administrative networks or hosts would minimize the risk." },
} "problemtype": {
] "problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532 - Information Exposure Through Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10918",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10918"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software release have been updated to resolve this specific issue: 5.0.3 and all subsequent releases.\nIt is also recommended to change the device key after the upgrade."
}
],
"source": {
"advisory": "JSA10918",
"defect": [
"1365691"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "There are no known workarounds for this issue, however limit the access to only trusted administrators from trusted administrative networks or hosts would minimize the risk."
}
]
} }

32
2019/0xxx/CVE-2019-0054.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0054", "ID": "CVE-2019-0054",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2019/0xxx/CVE-2019-0109.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00", "DATE_PUBLIC": "2019-02-12T00:00:00",
"ID" : "CVE-2019-0109", "ID": "CVE-2019-0109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html" "lang": "eng",
}, "value": "Improper folder permissions in Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
{ }
"name" : "107069", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107069" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01", "description": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
},
{
"name": "107069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107069"
}
]
}
} }

32
2019/0xxx/CVE-2019-0413.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0413", "ID": "CVE-2019-0413",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/0xxx/CVE-2019-0769.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0769", "ID": "CVE-2019-0769",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1030.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1030", "ID": "CVE-2019-1030",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1411.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1411", "ID": "CVE-2019-1411",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/1xxx/CVE-2019-1425.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1425", "ID": "CVE-2019-1425",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

178
2019/1xxx/CVE-2019-1585.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2019-03-06T16:00:00-0800", "DATE_PUBLIC": "2019-03-06T16:00:00-0800",
"ID" : "CVE-2019-1585", "ID": "CVE-2019-1585",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability" "TITLE": "Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode ", "product_name": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "4.0(1h)" "version_value": "4.0(1h)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)"
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "6.7",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-16"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec" "lang": "eng",
}, "value": "A vulnerability in the controller authorization functionality of Cisco Nexus 9000 Series ACI Mode Switch Software could allow an authenticated, local attacker to escalate standard users with root privilege on an affected device. The vulnerability is due to a misconfiguration of certain sudoers files for the bashroot component on an affected device. An attacker could exploit this vulnerability by authenticating to the affected device with a crafted user ID, which may allow temporary administrative access to escalate privileges. A successful exploit could allow the attacker to escalate privileges on an affected device. This Vulnerability has been fixed in version 4.0(1h)"
{ }
"name" : "107312", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107312" "exploit": [
} {
] "lang": "eng",
}, "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
"source" : { }
"advisory" : "cisco-sa-20190306-aci-controller-privsec", ],
"defect" : [ "impact": {
[ "cvss": {
"CSCvn09838" "baseScore": "6.7",
] "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H ",
], "version": "3.0"
"discovery" : "INTERNAL" }
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-16"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190306 Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-aci-controller-privsec"
},
{
"name": "107312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107312"
}
]
},
"source": {
"advisory": "cisco-sa-20190306-aci-controller-privsec",
"defect": [
[
"CSCvn09838"
]
],
"discovery": "INTERNAL"
}
} }

32
2019/4xxx/CVE-2019-4066.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4066", "ID": "CVE-2019-4066",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4150.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4150", "ID": "CVE-2019-4150",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4538.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4538", "ID": "CVE-2019-4538",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4984.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4984", "ID": "CVE-2019-4984",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5027.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5027", "ID": "CVE-2019-5027",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5200.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5200", "ID": "CVE-2019-5200",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5249.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5249", "ID": "CVE-2019-5249",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5606.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5606", "ID": "CVE-2019-5606",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8121.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8121", "ID": "CVE-2019-8121",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8135.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8135", "ID": "CVE-2019-8135",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8606.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8606", "ID": "CVE-2019-8606",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8808.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8808", "ID": "CVE-2019-8808",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2019/9xxx/CVE-2019-9200.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9200", "ID": "CVE-2019-9200",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20190308 [SECURITY] [DLA 1706-1] poppler security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" "lang": "eng",
}, "value": "A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact."
{ }
"name" : "https://gitlab.freedesktop.org/poppler/poppler/issues/728", ]
"refsource" : "MISC", },
"url" : "https://gitlab.freedesktop.org/poppler/poppler/issues/728" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/", "description": [
"refsource" : "MISC", {
"url" : "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-3905-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3905-1/" ]
}, },
{ "references": {
"name" : "107172", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/107172" "name": "https://gitlab.freedesktop.org/poppler/poppler/issues/728",
} "refsource": "MISC",
] "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/728"
} },
{
"name": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/",
"refsource": "MISC",
"url": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/"
},
{
"name": "107172",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107172"
},
{
"name": "USN-3905-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3905-1/"
},
{
"name": "[debian-lts-announce] 20190308 [SECURITY] [DLA 1706-1] poppler security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html"
}
]
}
} }

32
2019/9xxx/CVE-2019-9243.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9243", "ID": "CVE-2019-9243",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/9xxx/CVE-2019-9436.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9436", "ID": "CVE-2019-9436",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/9xxx/CVE-2019-9635.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9635", "ID": "CVE-2019-9635",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }