admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:42:33 +00:00
parent 2f691f663f
commit 3a8f6f7944
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 4001 additions and 4001 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
2007/0xxx/CVE-2007-0057.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0057", "ID": "CVE-2007-0057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070103 Multiple Vulnerabilities in Cisco Clean Access", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml" "lang": "eng",
}, "value": "Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access."
{ }
"name" : "ADV-2007-0030", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/0030" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32578", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32578" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1017465", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1017465" ]
}, },
{ "references": {
"name" : "23617", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23617" "name": "23617",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/23617"
} },
} {
"name": "ADV-2007-0030",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0030"
},
{
"name": "32578",
"refsource": "OSVDB",
"url": "http://osvdb.org/32578"
},
{
"name": "20070103 Multiple Vulnerabilities in Cisco Clean Access",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml"
},
{
"name": "1017465",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017465"
}
]
}
}

200
2007/0xxx/CVE-2007-0060.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0060", "ID": "CVE-2007-0060",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070724 CA Message Queuing Server (Cam.exe) Overflow", "description_data": [
"refsource" : "ISS", {
"url" : "http://www.iss.net/threats/272.html" "lang": "eng",
}, "value": "Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104."
{ }
"name" : "20070725 [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/474602/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp", "description": [
"refsource" : "CONFIRM", {
"url" : "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809", ]
"refsource" : "CONFIRM", }
"url" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809" ]
}, },
{ "references": {
"name" : "25051", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25051" "name": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp",
}, "refsource": "CONFIRM",
{ "url": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp"
"name" : "ADV-2007-2638", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2638" "name": "ADV-2007-2638",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2638"
"name" : "1018449", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018449" "name": "systems-management-bo(32234)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32234"
"name" : "26190", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26190" "name": "1018449",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018449"
"name" : "systems-management-bo(32234)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32234" "name": "26190",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/26190"
} },
} {
"name": "20070725 [CAID 35527]: CA Message Queuing (CAM / CAFT) Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474602/100/0/threaded"
},
{
"name": "25051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25051"
},
{
"name": "20070724 CA Message Queuing Server (Cam.exe) Overflow",
"refsource": "ISS",
"url": "http://www.iss.net/threats/272.html"
},
{
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809"
}
]
}
}

210
2007/0xxx/CVE-2007-0085.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0085", "ID": "CVE-2007-0085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[openbsd-cvs] 20070103 Re: CVS: cvs.openbsd.org: src", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=openbsd-cvs&m=116781980706409&w=2" "lang": "eng",
}, "value": "Unspecified vulnerability in sys/dev/pci/vga_pci.c in the VGA graphics driver for wscons in OpenBSD 3.9 and 4.0, when the kernel is compiled with the PCIAGP option and a non-AGP device is being used, allows local users to gain privileges via unspecified vectors, possibly related to agp_ioctl NULL pointer reference."
{ }
"name" : "[openbsd-cvs] 20070103 CVS: cvs.openbsd.org: www", ]
"refsource" : "MLIST", },
"url" : "http://marc.info/?l=openbsd-cvs&m=116785923301416&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[3.9] 017: SECURITY FIX: January 3, 2007", ]
"refsource" : "OPENBSD", }
"url" : "http://www.openbsd.org/errata39.html#agp" ]
}, },
{ "references": {
"name" : "[4.0] 007: SECURITY FIX: January 3, 2007", "reference_data": [
"refsource" : "OPENBSD", {
"url" : "http://www.openbsd.org/errata.html#agp" "name": "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf",
}, "refsource": "MISC",
{ "url": "http://ilja.netric.org/files/Unusual%20bugs%2023c3.pdf"
"name" : "ADV-2007-0043", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0043" "name": "32574",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/32574"
"name" : "32574", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32574" "name": "[openbsd-cvs] 20070103 CVS: cvs.openbsd.org: www",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=openbsd-cvs&m=116785923301416&w=2"
"name" : "1017468", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017468" "name": "[3.9] 017: SECURITY FIX: January 3, 2007",
}, "refsource": "OPENBSD",
{ "url": "http://www.openbsd.org/errata39.html#agp"
"name" : "23608", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23608" "name": "[4.0] 007: SECURITY FIX: January 3, 2007",
}, "refsource": "OPENBSD",
{ "url": "http://www.openbsd.org/errata.html#agp"
"name" : "openbsd-vga-privilege-escalation(31276)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31276" "name": "1017468",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1017468"
} },
} {
"name": "ADV-2007-0043",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0043"
},
{
"name": "23608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23608"
},
{
"name": "openbsd-vga-privilege-escalation(31276)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31276"
},
{
"name": "[openbsd-cvs] 20070103 Re: CVS: cvs.openbsd.org: src",
"refsource": "MLIST",
"url": "http://marc.info/?l=openbsd-cvs&m=116781980706409&w=2"
}
]
}
}

150
2007/0xxx/CVE-2007-0233.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0233", "ID": "CVE-2007-0233",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3109", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3109" "lang": "eng",
}, "value": "wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress."
{ }
"name" : "21983", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21983" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36860", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36860" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "wordpress-tbid-sql-injection(31385)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31385" ]
} },
] "references": {
} "reference_data": [
} {
"name": "3109",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3109"
},
{
"name": "21983",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21983"
},
{
"name": "wordpress-tbid-sql-injection(31385)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31385"
},
{
"name": "36860",
"refsource": "OSVDB",
"url": "http://osvdb.org/36860"
}
]
}
}

160
2007/0xxx/CVE-2007-0664.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0664", "ID": "CVE-2007-0664",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=142047", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=142047" "lang": "eng",
}, "value": "thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files."
{ }
"name" : "GLSA-200701-28", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200701-28.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22349", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22349" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "31965", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/31965" ]
}, },
{ "references": {
"name" : "24018", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24018" "name": "http://bugs.gentoo.org/show_bug.cgi?id=142047",
} "refsource": "MISC",
] "url": "http://bugs.gentoo.org/show_bug.cgi?id=142047"
} },
} {
"name": "24018",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24018"
},
{
"name": "31965",
"refsource": "OSVDB",
"url": "http://osvdb.org/31965"
},
{
"name": "22349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22349"
},
{
"name": "GLSA-200701-28",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200701-28.xml"
}
]
}
}

180
2007/0xxx/CVE-2007-0948.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2007-0948", "ID": "CVE-2007-0948",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to \"interaction and initialization of components.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS07-049", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-049" "lang": "eng",
}, "value": "Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to \"interaction and initialization of components.\""
{ }
"name" : "TA07-226A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25298", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25298" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2873", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2873" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:1259", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1259" "name": "oval:org.mitre.oval:def:1259",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1259"
"name" : "1018567", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018567" "name": "TA07-226A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-226A.html"
"name" : "26444", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26444" "name": "1018567",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1018567"
} },
} {
"name": "ADV-2007-2873",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2873"
},
{
"name": "25298",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25298"
},
{
"name": "MS07-049",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-049"
},
{
"name": "26444",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26444"
}
]
}
}

170
2007/1xxx/CVE-2007-1055.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1055", "ID": "CVE-2007-1055",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070220 MediaWiki Cross-site Scripting", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460596/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the AJAX features in index.php in MediaWiki 1.9.x before 1.9.0rc2, and 1.8.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the rs parameter. NOTE: this issue might be a duplicate of CVE-2007-0177."
{ }
"name" : "http://www.bugsec.com/articles.php?Security=24", ]
"refsource" : "MISC", },
"url" : "http://www.bugsec.com/articles.php?Security=24" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES", "description": [
"refsource" : "CONFIRM", {
"url" : "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37343", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37343" ]
}, },
{ "references": {
"name" : "2274", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2274" "name": "http://www.bugsec.com/articles.php?Security=24",
}, "refsource": "MISC",
{ "url": "http://www.bugsec.com/articles.php?Security=24"
"name" : "mediawiki-index-xss(32586)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32586" "name": "20070220 MediaWiki Cross-site Scripting",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/460596/100/0/threaded"
} },
} {
"name": "2274",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2274"
},
{
"name": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES",
"refsource": "CONFIRM",
"url": "http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_9_0/phase3/RELEASE-NOTES"
},
{
"name": "mediawiki-index-xss(32586)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32586"
},
{
"name": "37343",
"refsource": "OSVDB",
"url": "http://osvdb.org/37343"
}
]
}
}

230
2007/1xxx/CVE-2007-1205.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2007-1205", "ID": "CVE-2007-1205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Microsoft Agent (msagent\\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070410 Secunia Research: Microsoft Agent URL Parsing Memory CorruptionVulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/465235/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in Microsoft Agent (msagent\\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption."
{ }
"name" : "http://secunia.com/secunia_research/2006-74/advisory/", ]
"refsource" : "MISC", },
"url" : "http://secunia.com/secunia_research/2006-74/advisory/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "HPSBST02208", "description": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/466331/100/200/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SSRT071365", ]
"refsource" : "HP", }
"url" : "http://www.securityfocus.com/archive/1/466331/100/200/threaded" ]
}, },
{ "references": {
"name" : "MS07-020", "reference_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020" "name": "22896",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22896"
"name" : "TA07-100A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-100A.html" "name": "HPSBST02208",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded"
"name" : "VU#728057", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/728057" "name": "VU#728057",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/728057"
"name" : "23337", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23337" "name": "ADV-2007-1324",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1324"
"name" : "ADV-2007-1324", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1324" "name": "1017896",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017896"
"name" : "oval:org.mitre.oval:def:2034", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034" "name": "MS07-020",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-020"
"name" : "1017896", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017896" "name": "20070410 Secunia Research: Microsoft Agent URL Parsing Memory CorruptionVulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/465235/100/0/threaded"
"name" : "22896", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22896" "name": "TA07-100A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA07-100A.html"
} },
} {
"name": "23337",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23337"
},
{
"name": "SSRT071365",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded"
},
{
"name": "http://secunia.com/secunia_research/2006-74/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-74/advisory/"
},
{
"name": "oval:org.mitre.oval:def:2034",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2034"
}
]
}
}

490
2007/1xxx/CVE-2007-1592.json
View File

@ -1,247 +1,247 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1592", "ID": "CVE-2007-1592",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[linux-netdev] 20070316 [PATCH 2.6.21-rc3] IPV6: ipv6_fl_socklist is inadvertently shared.", "description_data": [
"refsource" : "MLIST", {
"url" : "http://marc.info/?l=linux-netdev&m=117406721731891&w=2" "lang": "eng",
}, "value": "net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6 socket, attaching a flow label, and connecting to that socket."
{ }
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478", ]
"refsource" : "MISC", },
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4", ]
"refsource" : "CONFIRM", }
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4" ]
}, },
{ "references": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm" "name": "RHSA-2007:0436",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2007-0436.html"
"name" : "DSA-1286", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1286" "name": "DSA-1286",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1286"
"name" : "DSA-1304", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1304" "name": "RHSA-2007:0347",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0347.html"
"name" : "DSA-1503", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1503" "name": "[linux-netdev] 20070316 [PATCH 2.6.21-rc3] IPV6: ipv6_fl_socklist is inadvertently shared.",
}, "refsource": "MLIST",
{ "url": "http://marc.info/?l=linux-netdev&m=117406721731891&w=2"
"name" : "MDKSA-2007:078", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078" "name": "USN-464-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-464-1"
"name" : "MDVSA-2011:051", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051" "name": "SUSE-SA:2007:043",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_43_kernel.html"
"name" : "RHSA-2007:0347", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0347.html" "name": "MDKSA-2007:078",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:078"
"name" : "RHSA-2007:0436", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0436.html" "name": "RHSA-2007:0673",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0673.html"
"name" : "RHSA-2007:0673", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0673.html" "name": "24777",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24777"
"name" : "RHSA-2007:0672", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0672.html" "name": "23104",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23104"
"name" : "RHBA-2007-0304", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHBA-2007-0304.html" "name": "27528",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27528"
"name" : "SUSE-SA:2007:029", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html" "name": "26379",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26379"
"name" : "SUSE-SA:2007:030", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_30_kernel.html" "name": "25226",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25226"
"name" : "SUSE-SA:2007:035", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_35_kernel.html" "name": "SUSE-SA:2007:029",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2007-May/0001.html"
"name" : "SUSE-SA:2007:043", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_43_kernel.html" "name": "24618",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24618"
"name" : "USN-464-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-464-1" "name": "25683",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25683"
"name" : "23104", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23104" "name": "ADV-2007-1084",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1084"
"name" : "oval:org.mitre.oval:def:10130", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10130" "name": "MDVSA-2011:051",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
"name" : "ADV-2007-1084", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1084" "name": "25288",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25288"
"name" : "24618", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24618" "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478",
}, "refsource": "MISC",
{ "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233478"
"name" : "24777", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24777" "name": "RHSA-2007:0672",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0672.html"
"name" : "25078", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25078" "name": "RHBA-2007-0304",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHBA-2007-0304.html"
"name" : "25099", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25099" "name": "25099",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25099"
"name" : "25288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25288" "name": "25961",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25961"
"name" : "25392", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25392" "name": "DSA-1503",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1503"
"name" : "25630", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25630" "name": "25078",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25078"
"name" : "25683", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25683" "name": "25392",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25392"
"name" : "25714", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25714" "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.4"
"name" : "25961", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25961" "name": "SUSE-SA:2007:030",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_30_kernel.html"
"name" : "26379", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26379" "name": "29058",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29058"
"name" : "25226", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25226" "name": "DSA-1304",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1304"
"name" : "27528", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27528" "name": "25630",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25630"
"name" : "29058", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29058" "name": "25714",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25714"
"name" : "kernel-tcpv6synrecvsoc-dos(33176)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33176" "name": "kernel-tcpv6synrecvsoc-dos(33176)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33176"
} },
} {
"name": "SUSE-SA:2007:035",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_35_kernel.html"
},
{
"name": "oval:org.mitre.oval:def:10130",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10130"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d35690beda1429544d46c8eb34b2e3a8c37ab299"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-404.htm"
}
]
}
}

160
2007/1xxx/CVE-2007-1598.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1598", "ID": "CVE-2007-1598",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by filecopa.tar by Immunity. NOTE: some of these details are obtained from third party information. NOTE: As of 20070322, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.immunitysec.com/partners-index.shtml", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.immunitysec.com/partners-index.shtml" "lang": "eng",
}, "value": "Stack-based buffer overflow in InterVations FileCOPA FTP Server 1.01 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by filecopa.tar by Immunity. NOTE: some of these details are obtained from third party information. NOTE: As of 20070322, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes."
{ }
"name" : "https://www.immunityinc.com/downloads/immpartners/filecopa.tar", ]
"refsource" : "MISC", },
"url" : "https://www.immunityinc.com/downloads/immpartners/filecopa.tar" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23056", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23056" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "43559", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/43559" ]
}, },
{ "references": {
"name" : "filecopa-unspecified-bo(33462)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33462" "name": "23056",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23056"
} },
} {
"name": "filecopa-unspecified-bo(33462)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33462"
},
{
"name": "43559",
"refsource": "OSVDB",
"url": "http://osvdb.org/43559"
},
{
"name": "http://www.immunitysec.com/partners-index.shtml",
"refsource": "MISC",
"url": "http://www.immunitysec.com/partners-index.shtml"
},
{
"name": "https://www.immunityinc.com/downloads/immpartners/filecopa.tar",
"refsource": "MISC",
"url": "https://www.immunityinc.com/downloads/immpartners/filecopa.tar"
}
]
}
}

260
2007/1xxx/CVE-2007-1723.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1723", "ID": "CVE-2007-1723",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computing CipherTrust IronMail 6.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) network, (2) defRouterIp, (3) hostName, (4) domainName, (5) ipAddress, (6) defaultRouter, (7) dns1, or (8) dns2 parameter to (a) admin/system_IronMail.do; the (9) ipAddress parameter to (b) admin/systemOutOfBand.do; the (10) password or (11) confirmPassword parameter to (c) admin/systemBackup.do; the (12) Klicense parameter to (d) admin/systemLicenseManager.do; the (13) rows[1].attrValueStr or (14) rows[2].attrValueStr parameter to (e) admin/systemWebAdminConfig.do; the (15) rows[0].attrValueStr, rows[1].attrValueStr, (16) rows[2].attrValue, or (17) rows[2].attrValueStrClone parameter to (f) admin/ldap_ConfigureServiceProperties.do; the (18) input1 parameter to (g) admin/mailFirewall_MailRoutingInternal.do; or the (19) rows[2].attrValueStr, (20) rows[3].attrValueStr, (21) rows[5].attrValueStr, or (22) rows[6].attrValueStr parameter to (h) admin/mailIdsConfig.do."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070326 Multiple XSS in IronMail", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/463827/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the administration console in Secure Computing CipherTrust IronMail 6.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) network, (2) defRouterIp, (3) hostName, (4) domainName, (5) ipAddress, (6) defaultRouter, (7) dns1, or (8) dns2 parameter to (a) admin/system_IronMail.do; the (9) ipAddress parameter to (b) admin/systemOutOfBand.do; the (10) password or (11) confirmPassword parameter to (c) admin/systemBackup.do; the (12) Klicense parameter to (d) admin/systemLicenseManager.do; the (13) rows[1].attrValueStr or (14) rows[2].attrValueStr parameter to (e) admin/systemWebAdminConfig.do; the (15) rows[0].attrValueStr, rows[1].attrValueStr, (16) rows[2].attrValue, or (17) rows[2].attrValueStrClone parameter to (f) admin/ldap_ConfigureServiceProperties.do; the (18) input1 parameter to (g) admin/mailFirewall_MailRoutingInternal.do; or the (19) rows[2].attrValueStr, (20) rows[3].attrValueStr, (21) rows[5].attrValueStr, or (22) rows[6].attrValueStr parameter to (h) admin/mailIdsConfig.do."
{ }
"name" : "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html", ]
"refsource" : "MISC", },
"url" : "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1164", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1164" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34526", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34526" ]
}, },
{ "references": {
"name" : "34527", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34527" "name": "34528",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34528"
"name" : "34528", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34528" "name": "34531",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34531"
"name" : "34529", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34529" "name": "1017821",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017821"
"name" : "34530", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34530" "name": "2484",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2484"
"name" : "34531", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34531" "name": "34529",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34529"
"name" : "34532", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34532" "name": "ADV-2007-1164",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1164"
"name" : "34533", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34533" "name": "ironmail-multiple-xss(33232)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33232"
"name" : "1017821", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017821" "name": "20070326 Multiple XSS in IronMail",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/463827/100/0/threaded"
"name" : "24657", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24657" "name": "34530",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34530"
"name" : "2484", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2484" "name": "34533",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34533"
"name" : "ironmail-multiple-xss(33232)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33232" "name": "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html",
} "refsource": "MISC",
] "url": "http://www.514.es/2007/03/siaadv07004_multiples_vulnerab.html"
} },
} {
"name": "24657",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24657"
},
{
"name": "34527",
"refsource": "OSVDB",
"url": "http://osvdb.org/34527"
},
{
"name": "34532",
"refsource": "OSVDB",
"url": "http://osvdb.org/34532"
},
{
"name": "34526",
"refsource": "OSVDB",
"url": "http://osvdb.org/34526"
}
]
}
}

150
2007/4xxx/CVE-2007-4117.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4117", "ID": "CVE-2007-4117",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disputed by a reliable third party, who demonstrates that PN_PathPrefix is defined before use."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070730 phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/475095/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in phpWebFileManager 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the PN_PathPrefix parameter. NOTE: this issue is disputed by a reliable third party, who demonstrates that PN_PathPrefix is defined before use."
{ }
"name" : "20070731 WTF: phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability", ]
"refsource" : "VIM", },
"url" : "http://www.attrition.org/pipermail/vim/2007-July/001744.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2940", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2940" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "phpwebfilemanager-index-file-include(35690)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35690" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20070731 WTF: phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-July/001744.html"
},
{
"name": "phpwebfilemanager-index-file-include(35690)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35690"
},
{
"name": "20070730 phpWebFileManager v0.5 (PN_PathPrefix) Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475095/100/0/threaded"
},
{
"name": "2940",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2940"
}
]
}
}

200
2007/5xxx/CVE-2007-5003.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5003", "ID": "CVE-2007-5003",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops", "description_data": [
"refsource" : "EEYE", {
"url" : "http://research.eeye.com/html/advisories/published/AD20070920.html" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."
{ }
"name" : "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities", ]
"refsource" : "IDEFENSE", },
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/480252/100/100/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp", ]
"refsource" : "CONFIRM", }
"url" : "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp" ]
}, },
{ "references": {
"name" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006" "name": "24348",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24348"
"name" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674", },
"refsource" : "CONFIRM", {
"url" : "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674" "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674",
}, "refsource": "CONFIRM",
{ "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"
"name" : "24348", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24348" "name": "25606",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25606"
"name" : "1018728", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018728" "name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
}, "refsource": "IDEFENSE",
{ "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
"name" : "25606", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25606" "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
} "refsource": "CONFIRM",
] "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
} },
} {
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018728"
}
]
}
}

160
2007/5xxx/CVE-2007-5026.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5026", "ID": "CVE-2007-5026",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "dBlog CMS, probably 2.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing an admin password hash via a direct request for dblog.mdb."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070919 [waraxe-2007-SA#052] - dBlog CMS Open Source database retrieval", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/479969/100/0/threaded" "lang": "eng",
}, "value": "dBlog CMS, probably 2.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing an admin password hash via a direct request for dblog.mdb."
{ }
"name" : "http://www.waraxe.us/advisory-52.html", ]
"refsource" : "MISC", },
"url" : "http://www.waraxe.us/advisory-52.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "43970", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/43970" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3156", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/3156" ]
}, },
{ "references": {
"name" : "dblog-dblog-information-disclosure(36703)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36703" "name": "3156",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/3156"
} },
} {
"name": "43970",
"refsource": "OSVDB",
"url": "http://osvdb.org/43970"
},
{
"name": "20070919 [waraxe-2007-SA#052] - dBlog CMS Open Source database retrieval",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479969/100/0/threaded"
},
{
"name": "dblog-dblog-information-disclosure(36703)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36703"
},
{
"name": "http://www.waraxe.us/advisory-52.html",
"refsource": "MISC",
"url": "http://www.waraxe.us/advisory-52.html"
}
]
}
}

130
2007/5xxx/CVE-2007-5199.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5199", "ID": "CVE-2007-5199",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=327854", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=327854" "lang": "eng",
}, "value": "A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact."
{ }
"name" : "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef", ]
"refsource" : "CONFIRM", },
"url" : "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=327854",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=327854"
},
{
"name": "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef",
"refsource": "CONFIRM",
"url": "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef"
}
]
}
}

170
2007/5xxx/CVE-2007-5433.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5433", "ID": "CVE-2007-5433",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Site-Up 2.64 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search or (2) search mask field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071010 Vulnerabilities digest", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Site-Up 2.64 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search or (2) search mask field."
{ }
"name" : "http://securityvulns.ru/Sdocument12.html", ]
"refsource" : "MISC", },
"url" : "http://securityvulns.ru/Sdocument12.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://websecurity.com.ua/1210/", "description": [
"refsource" : "MISC", {
"url" : "http://websecurity.com.ua/1210/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26040", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26040" ]
}, },
{ "references": {
"name" : "42477", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42477" "name": "26040",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26040"
"name" : "3216", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3216" "name": "http://websecurity.com.ua/1210/",
} "refsource": "MISC",
] "url": "http://websecurity.com.ua/1210/"
} },
} {
"name": "http://securityvulns.ru/Sdocument12.html",
"refsource": "MISC",
"url": "http://securityvulns.ru/Sdocument12.html"
},
{
"name": "20071010 Vulnerabilities digest",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded"
},
{
"name": "42477",
"refsource": "OSVDB",
"url": "http://osvdb.org/42477"
},
{
"name": "3216",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3216"
}
]
}
}

150
2015/3xxx/CVE-2015-3326.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3326", "ID": "CVE-2015-3326",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html" "lang": "eng",
}, "value": "Trend Micro ScanMail for Microsoft Exchange (SMEX) 10.2 before Hot Fix Build 3318 and 11.0 before Hot Fix Build 4180 creates session IDs for the web console using a random number generator with predictable values, which makes it easier for remote attackers to bypass authentication via a brute force attack."
{ }
"name" : "http://esupport.trendmicro.com/solution/en-US/1109669.aspx", ]
"refsource" : "CONFIRM", },
"url" : "http://esupport.trendmicro.com/solution/en-US/1109669.aspx" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "74661", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74661" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032323", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032323" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx",
"refsource": "CONFIRM",
"url": "http://esupport.trendmicro.com/solution/en-US/1109669.aspx"
},
{
"name": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html",
"refsource": "MISC",
"url": "http://blog.malerisch.net/2016/05/trendmicro-smex-session-predictable-cve-2015-3326.html"
},
{
"name": "74661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74661"
},
{
"name": "1032323",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032323"
}
]
}
}

150
2015/3xxx/CVE-2015-3758.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3758", "ID": "CVE-2015-3758",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "UIKit WebView in Apple iOS before 8.4.1 allows attackers to bypass an intended user-confirmation requirement and initiate arbitrary FaceTime calls via an app that provides a crafted URL."
{ }
"name" : "APPLE-SA-2015-08-13-3", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76337", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76337" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033275", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033275" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://support.apple.com/kb/HT205030",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205030"
},
{
"name": "1033275",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033275"
},
{
"name": "76337",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76337"
},
{
"name": "APPLE-SA-2015-08-13-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
}
]
}
}

130
2015/6xxx/CVE-2015-6087.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6087", "ID": "CVE-2015-6087",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, and CVE-2015-6076."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-112", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" "lang": "eng",
}, "value": "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6066, CVE-2015-6070, CVE-2015-6071, CVE-2015-6074, and CVE-2015-6076."
{ }
"name" : "1034112", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034112" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034112",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034112"
},
{
"name": "MS15-112",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112"
}
]
}
}

120
2015/6xxx/CVE-2015-6914.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6914", "ID": "CVE-2015-6914",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbitrary files via a full pathname in the file parameter to assets/download.aspx."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html" "lang": "eng",
} "value": "Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbitrary files via a full pathname in the file parameter to assets/download.aspx."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133251/SiteFactory-CMS-5.5.9-Directory-Traversal.html"
}
]
}
}

140
2015/7xxx/CVE-2015-7057.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-7057", "ID": "CVE-2015-7057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205642", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205642" "lang": "eng",
}, "value": "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049."
{ }
"name" : "APPLE-SA-2015-12-08-6", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034340", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034340" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT205642",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205642"
},
{
"name": "APPLE-SA-2015-12-08-6",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html"
},
{
"name": "1034340",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034340"
}
]
}
}

150
2015/7xxx/CVE-2015-7258.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-7258", "ID": "CVE-2015-7258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38772", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38772/" "lang": "eng",
}, "value": "ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain user passwords by displaying user information in a Telnet connection."
{ }
"name" : "20151114 ZTE ADSL modems - Multiple vulnerabilities", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2015/Nov/48" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "38772",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38772/"
},
{
"name": "20151114 ZTE ADSL modems - Multiple vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Nov/48"
},
{
"name": "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134493/ZTE-ADSL-ZXV10-W300-Authorization-Disclosure-Backdoor.html"
},
{
"name": "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134336/ZTE-ADSL-Authorization-Bypass-Information-Disclosure.html"
}
]
}
}

130
2015/7xxx/CVE-2015-7484.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-7484", "ID": "CVE-2015-7484",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720" "lang": "eng",
}, "value": "IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with access to lifecycle projects to obtain sensitive information by sending a crafted URL to the Lifecycle Query Engine. IBM X-Force ID: 108619."
{ }
"name" : "ibm-relm-cve20157484-info-disc(108619)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/108619" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-relm-cve20157484-info-disc(108619)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108619"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720"
}
]
}
}

34
2015/7xxx/CVE-2015-7957.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7957", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-7957",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

150
2015/8xxx/CVE-2015-8352.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8352", "ID": "CVE-2015-8352",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151216 RCE in Zen Cart via Arbitrary File Inclusion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537129/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php."
{ }
"name" : "39017", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/39017/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.htbridge.com/advisory/HTB23282", "description": [
"refsource" : "MISC", {
"url" : "https://www.htbridge.com/advisory/HTB23282" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015", ]
"refsource" : "CONFIRM", }
"url" : "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://www.htbridge.com/advisory/HTB23282",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23282"
},
{
"name": "39017",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39017/"
},
{
"name": "20151216 RCE in Zen Cart via Arbitrary File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537129/100/0/threaded"
},
{
"name": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015",
"refsource": "CONFIRM",
"url": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015"
}
]
}
}

180
2015/8xxx/CVE-2015-8473.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8473", "ID": "CVE-2015-8473",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22" "lang": "eng",
}, "value": "The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote authenticated users to obtain sensitive information in changeset messages by leveraging permission to read issues with related changesets from other projects."
{ }
"name" : "https://www.redmine.org/issues/21136", ]
"refsource" : "CONFIRM", },
"url" : "https://www.redmine.org/issues/21136" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1", ]
"refsource" : "CONFIRM", }
"url" : "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1" ]
}, },
{ "references": {
"name" : "https://www.redmine.org/versions/105", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.redmine.org/versions/105" "name": "78621",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/78621"
"name" : "DSA-3529", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3529" "name": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0",
}, "refsource": "CONFIRM",
{ "url": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_0"
"name" : "78621", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/78621" "name": "https://www.redmine.org/issues/21136",
} "refsource": "CONFIRM",
] "url": "https://www.redmine.org/issues/21136"
} },
} {
"name": "https://www.redmine.org/versions/105",
"refsource": "CONFIRM",
"url": "https://www.redmine.org/versions/105"
},
{
"name": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1",
"refsource": "CONFIRM",
"url": "https://www.redmine.org/projects/redmine/wiki/Changelog_3_1"
},
{
"name": "DSA-3529",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3529"
},
{
"name": "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22",
"refsource": "CONFIRM",
"url": "https://github.com/redmine/redmine/commit/8d8f612fa368a72c56b63f7ce6b7e98cab9feb22"
}
]
}
}

240
2015/8xxx/CVE-2015-8650.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8650", "ID": "CVE-2015-8650",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-651", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-651" "lang": "eng",
}, "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, and CVE-2015-8649."
{ }
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" ]
}, },
{ "references": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" "name": "openSUSE-SU-2015:2403",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
"name" : "GLSA-201601-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201601-03" "name": "1034544",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034544"
"name" : "RHSA-2015:2697", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2697.html" "name": "RHSA-2015:2697",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
"name" : "SUSE-SU-2015:2401", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name" : "SUSE-SU-2015:2402", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html",
}, "refsource": "CONFIRM",
{ "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
"name" : "openSUSE-SU-2015:2400", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" "name": "SUSE-SU-2015:2401",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
"name" : "openSUSE-SU-2015:2403", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
"name" : "79701", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79701" "name": "SUSE-SU-2015:2402",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
"name" : "1034544", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034544" "name": "79701",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/79701"
} },
} {
"name": "openSUSE-SU-2015:2400",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
},
{
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-651",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-651"
}
]
}
}

160
2015/8xxx/CVE-2015-8741.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8741", "ID": "CVE-2015-8741",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-59.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-59.html" "lang": "eng",
}, "value": "The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201604-05", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201604-05" ]
}, },
{ "references": {
"name" : "1034551", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034551" "name": "http://www.wireshark.org/security/wnpa-sec-2015-59.html",
} "refsource": "CONFIRM",
] "url": "http://www.wireshark.org/security/wnpa-sec-2015-59.html"
} },
} {
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2290eba5cb25f927f9142680193ac1158d35506e"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11876"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
}
]
}
}

150
2016/0xxx/CVE-2016-0154.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0154", "ID": "CVE-2016-0154",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-037", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\""
{ }
"name" : "MS16-038", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-038" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035521", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035521" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1035522", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1035522" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1035521",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035521"
},
{
"name": "MS16-037",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037"
},
{
"name": "1035522",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035522"
},
{
"name": "MS16-038",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-038"
}
]
}
}

180
2016/0xxx/CVE-2016-0199.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0199", "ID": "CVE-2016-0199",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0200 and CVE-2016-3211."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160614 Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1226" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0200 and CVE-2016-3211."
{ }
"name" : "20160617 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/538706/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39994", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39994/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20160618 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion", ]
"refsource" : "FULLDISC", }
"url" : "http://seclists.org/fulldisclosure/2016/Jun/44" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html" "name": "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html"
"name" : "MS16-063", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063" "name": "MS16-063",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063"
"name" : "1036096", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036096" "name": "20160614 Microsoft Internet Explorer 11 Garbage Collector Attribute Type Confusion Vulnerability",
} "refsource": "IDEFENSE",
] "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1226"
} },
} {
"name": "39994",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39994/"
},
{
"name": "20160617 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538706/100/0/threaded"
},
{
"name": "1036096",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036096"
},
{
"name": "20160618 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jun/44"
}
]
}
}

140
2016/0xxx/CVE-2016-0638.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0638", "ID": "CVE-2016-0638",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.tenable.com/security/research/tra-2016-09", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.tenable.com/security/research/tra-2016-09" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service."
{ }
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035615", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035615" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2016-09",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2016-09"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "1035615",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035615"
}
]
}
}

126
2016/0xxx/CVE-2016-0708.json
View File

@ -1,65 +1,65 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-0708", "ID": "CVE-2016-0708",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cloud Foundry", "product_name": "Cloud Foundry",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "versions v166 through v227" "version_value": "versions v166 through v227"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cloud Foundry" "vendor_name": "Cloud Foundry"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.cloudfoundry.org/blog/cve-2016-0708/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.cloudfoundry.org/blog/cve-2016-0708/" "lang": "eng",
} "value": "Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue."
] }
}, ]
"source" : { },
"discovery" : "UNKNOWN" "problemtype": {
} "problemtype_data": [
} {
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cloudfoundry.org/blog/cve-2016-0708/",
"refsource": "CONFIRM",
"url": "https://www.cloudfoundry.org/blog/cve-2016-0708/"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

140
2016/1xxx/CVE-2016-1160.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1160", "ID": "CVE-2016-1160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wordpress.org/plugins/wp-favorite-posts/changelog/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://wordpress.org/plugins/wp-favorite-posts/changelog/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plugin before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#86517621", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN86517621/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000034", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000034" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000034",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000034"
},
{
"name": "JVN#86517621",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN86517621/index.html"
},
{
"name": "https://wordpress.org/plugins/wp-favorite-posts/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/wp-favorite-posts/changelog/"
}
]
}
}

150
2016/1xxx/CVE-2016-1415.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1415", "ID": "CVE-2016-1415",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40509", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40509/" "lang": "eng",
}, "value": "Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted file, aka Bug ID CSCuz80455."
{ }
"name" : "20160831 Cisco WebEx Meetings Player Denial of Service Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-webex" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92711", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92711" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036713", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036713" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20160831 Cisco WebEx Meetings Player Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-webex"
},
{
"name": "1036713",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036713"
},
{
"name": "92711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92711"
},
{
"name": "40509",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40509/"
}
]
}
}

420
2016/1xxx/CVE-2016-1705.json
View File

@ -1,212 +1,212 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-1705", "ID": "CVE-2016-1705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://crbug.com/590619", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/590619" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.82 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
{ }
"name" : "http://crbug.com/599458", ]
"refsource" : "CONFIRM", },
"url" : "http://crbug.com/599458" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://crbug.com/600953", "description": [
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/600953" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://crbug.com/609286", ]
"refsource" : "CONFIRM", }
"url" : "http://crbug.com/609286" ]
}, },
{ "references": {
"name" : "http://crbug.com/611959", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/611959" "name": "openSUSE-SU-2016:1868",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html"
"name" : "http://crbug.com/612939", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/612939" "name": "http://crbug.com/612939",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/612939"
"name" : "http://crbug.com/613869", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/613869" "name": "http://crbug.com/600953",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/600953"
"name" : "http://crbug.com/613971", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/613971" "name": "openSUSE-SU-2016:1869",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html"
"name" : "http://crbug.com/614405", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/614405" "name": "http://crbug.com/614989",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/614989"
"name" : "http://crbug.com/614701", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/614701" "name": "92053",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92053"
"name" : "http://crbug.com/614989", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/614989" "name": "http://crbug.com/613869",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/613869"
"name" : "http://crbug.com/615820", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/615820" "name": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html"
"name" : "http://crbug.com/619378", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/619378" "name": "http://crbug.com/620737",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/620737"
"name" : "http://crbug.com/619382", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/619382" "name": "http://crbug.com/622522",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/622522"
"name" : "http://crbug.com/620694", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/620694" "name": "http://crbug.com/621843",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/621843"
"name" : "http://crbug.com/620737", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/620737" "name": "http://crbug.com/614701",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/614701"
"name" : "http://crbug.com/620858", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/620858" "name": "http://crbug.com/609286",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/609286"
"name" : "http://crbug.com/620952", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/620952" "name": "USN-3041-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3041-1"
"name" : "http://crbug.com/621843", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/621843" "name": "http://crbug.com/619378",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/619378"
"name" : "http://crbug.com/622522", },
"refsource" : "CONFIRM", {
"url" : "http://crbug.com/622522" "name": "openSUSE-SU-2016:1918",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html"
"name" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", },
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" "name": "http://crbug.com/615820",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/615820"
"name" : "https://crbug.com/629852", },
"refsource" : "CONFIRM", {
"url" : "https://crbug.com/629852" "name": "http://crbug.com/619382",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/619382"
"name" : "DSA-3637", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3637" "name": "http://crbug.com/613971",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/613971"
"name" : "RHSA-2016:1485", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1485.html" "name": "https://crbug.com/629852",
}, "refsource": "CONFIRM",
{ "url": "https://crbug.com/629852"
"name" : "openSUSE-SU-2016:1865", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" "name": "http://crbug.com/614405",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/614405"
"name" : "openSUSE-SU-2016:1868", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" "name": "http://crbug.com/590619",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/590619"
"name" : "openSUSE-SU-2016:1869", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" "name": "http://crbug.com/599458",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/599458"
"name" : "openSUSE-SU-2016:1918", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" "name": "openSUSE-SU-2016:1865",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html"
"name" : "USN-3041-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3041-1" "name": "http://crbug.com/620952",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/620952"
"name" : "92053", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92053" "name": "http://crbug.com/611959",
}, "refsource": "CONFIRM",
{ "url": "http://crbug.com/611959"
"name" : "1036428", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036428" "name": "RHSA-2016:1485",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html"
} },
} {
"name": "http://crbug.com/620694",
"refsource": "CONFIRM",
"url": "http://crbug.com/620694"
},
{
"name": "1036428",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036428"
},
{
"name": "DSA-3637",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3637"
},
{
"name": "http://crbug.com/620858",
"refsource": "CONFIRM",
"url": "http://crbug.com/620858"
}
]
}
}

200
2016/1xxx/CVE-2016-1717.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1717", "ID": "CVE-2016-1717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT205729", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205729" "lang": "eng",
}, "value": "The Disk Images component in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors."
{ }
"name" : "https://support.apple.com/HT205731", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT205731" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT205732", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT205732" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT206168", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT206168" ]
}, },
{ "references": {
"name" : "APPLE-SA-2016-01-19-1", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" "name": "https://support.apple.com/HT206168",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT206168"
"name" : "APPLE-SA-2016-01-19-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html" "name": "https://support.apple.com/HT205731",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT205731"
"name" : "APPLE-SA-2016-01-25-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html" "name": "https://support.apple.com/HT205729",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT205729"
"name" : "APPLE-SA-2016-03-21-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" "name": "APPLE-SA-2016-01-25-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html"
"name" : "1034736", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034736" "name": "1034736",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1034736"
} },
} {
"name": "APPLE-SA-2016-01-19-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html"
},
{
"name": "APPLE-SA-2016-03-21-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"
},
{
"name": "APPLE-SA-2016-01-19-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html"
},
{
"name": "https://support.apple.com/HT205732",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205732"
}
]
}
}

130
2016/1xxx/CVE-2016-1925.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1925", "ID": "CVE-2016-1925",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160118 Buffer Overflow in lha compression utility", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/01/18/3" "lang": "eng",
}, "value": "Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow."
{ }
"name" : "[oss-security] 20160118 Re: Buffer Overflow in lha compression utility", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/01/18/8" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160118 Re: Buffer Overflow in lha compression utility",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/18/8"
},
{
"name": "[oss-security] 20160118 Buffer Overflow in lha compression utility",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/18/3"
}
]
}
}

130
2016/5xxx/CVE-2016-5409.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5409", "ID": "CVE-2016-5409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1366461", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1366461" "lang": "eng",
}, "value": "Red Hat OpenShift Enterprise 2 does not include the HTTPOnly flag in a Set-Cookie header for the GEARID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to the cookies."
{ }
"name" : "97988", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97988" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1366461",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1366461"
},
{
"name": "97988",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97988"
}
]
}
}

130
2016/5xxx/CVE-2016-5430.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5430", "ID": "CVE-2016-5430",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199" "lang": "eng",
}, "value": "The RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA)."
{ }
"name" : "92741", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92741" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92741",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92741"
},
{
"name": "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199",
"refsource": "CONFIRM",
"url": "https://github.com/nov/jose-php/commit/f03b986b4439e20b0fd635109b48afe96cf0099b#diff-37b0d289d6375ba4a7740401950ccdd6R199"
}
]
}
}

34
2016/5xxx/CVE-2016-5780.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5780", "ID": "CVE-2016-5780",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/5xxx/CVE-2016-5869.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5869", "ID": "CVE-2016-5869",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2016/5xxx/CVE-2016-5988.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-5988", "ID": "CVE-2016-5988",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Privileged Identity Manager", "product_name": "Privileged Identity Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.0.1" "version_value": "1.0.1"
}, },
{ {
"version_value" : "1.0.1.1" "version_value": "1.0.1.1"
}, },
{ {
"version_value" : "2.0.0" "version_value": "2.0.0"
}, },
{ {
"version_value" : "2.0.1" "version_value": "2.0.1"
}, },
{ {
"version_value" : "2.0.2" "version_value": "2.0.2"
}, },
{ {
"version_value" : "2.1.0" "version_value": "2.1.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Privileged Identity Manager Virtual Appliance could disclose sensitive information in generated error messages that would be available to an authenticated user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21996614", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21996614" "lang": "eng",
}, "value": "IBM Security Privileged Identity Manager Virtual Appliance could disclose sensitive information in generated error messages that would be available to an authenticated user."
{ }
"name" : "95198", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95198" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996614",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996614"
},
{
"name": "95198",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95198"
}
]
}
}

34
2019/0xxx/CVE-2019-0638.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0638", "ID": "CVE-2019-0638",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0795.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0795", "ID": "CVE-2019-0795",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0913.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0913", "ID": "CVE-2019-0913",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1213.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1213", "ID": "CVE-2019-1213",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1533.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1533", "ID": "CVE-2019-1533",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1560.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1560", "ID": "CVE-2019-1560",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1780.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1780", "ID": "CVE-2019-1780",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3077.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3077", "ID": "CVE-2019-3077",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3180.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3180", "ID": "CVE-2019-3180",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4445.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4445", "ID": "CVE-2019-4445",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4607.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4607", "ID": "CVE-2019-4607",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4896.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4896", "ID": "CVE-2019-4896",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4912.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4912", "ID": "CVE-2019-4912",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5083.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5083", "ID": "CVE-2019-5083",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5578.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5578", "ID": "CVE-2019-5578",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8449.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8449", "ID": "CVE-2019-8449",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8463.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8463", "ID": "CVE-2019-8463",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8484.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8484", "ID": "CVE-2019-8484",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8861.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8861", "ID": "CVE-2019-8861",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9137.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9137", "ID": "CVE-2019-9137",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/9xxx/CVE-2019-9191.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9191", "ID": "CVE-2019-9191",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) protocol does not provide per-session forward secrecy."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it" "lang": "eng",
}, "value": "The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) protocol does not provide per-session forward secrecy."
{ }
"name" : "107208", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107208" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it",
"refsource": "MISC",
"url": "https://www.eff.org/deeplinks/2019/02/ets-isnt-tls-and-you-shouldnt-use-it"
},
{
"name": "107208",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107208"
}
]
}
}

120
2019/9xxx/CVE-2019-9740.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9740", "ID": "CVE-2019-9740",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n followed by an HTTP header or a Redis command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.python.org/issue36276", "description_data": [
"refsource" : "MISC", {
"url" : "https://bugs.python.org/issue36276" "lang": "eng",
} "value": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.2. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n followed by an HTTP header or a Redis command."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.python.org/issue36276",
"refsource": "MISC",
"url": "https://bugs.python.org/issue36276"
}
]
}
}

34
2019/9xxx/CVE-2019-9820.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9820", "ID": "CVE-2019-9820",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }