admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:59:02 +00:00
parent c745401edf
commit 3b8666459e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 3129 additions and 3129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/0xxx/CVE-1999-0288.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0288", "ID": "CVE-1999-0288",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://safenetworks.com/Windows/wins.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://safenetworks.com/Windows/wins.html" "lang": "eng",
}, "value": "The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets."
{ }
"name" : "nt-winsupd-fix(1233)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1233" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://safenetworks.com/Windows/wins.html",
"refsource": "MISC",
"url": "http://safenetworks.com/Windows/wins.html"
},
{
"name": "nt-winsupd-fix(1233)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1233"
}
]
}
}

120
1999/0xxx/CVE-1999-0490.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0490", "ID": "CVE-1999-0490",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS99-012", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012" "lang": "eng",
} "value": "MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to learn information about a local user's files via an IMG SRC tag."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS99-012",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-012"
}
]
}
}

130
1999/1xxx/CVE-1999-1260.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1260", "ID": "CVE-1999-1260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990215 KSR[T] Advisory #10: mSQL ServerStats", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=91910115718150&w=2" "lang": "eng",
}, "value": "mSQL (Mini SQL) 2.0.6 allows remote attackers to obtain sensitive server information such as logged users, database names, and server version via the ServerStats query."
{ }
"name" : "msql-serverstats(1777)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1777" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990215 KSR[T] Advisory #10: mSQL ServerStats",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=91910115718150&w=2"
},
{
"name": "msql-serverstats(1777)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1777"
}
]
}
}

220
2007/0xxx/CVE-2007-0323.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2007-0323", "ID": "CVE-2007-0323",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html" "lang": "eng",
}, "value": "Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "HPSBST02214", ]
"refsource" : "HP", },
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT071422", "description": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "MS07-027", ]
"refsource" : "MS", }
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" ]
}, },
{ "references": {
"name" : "TA07-128A", "reference_data": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" "name": "HPSBST02214",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name" : "VU#869641", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/869641" "name": "VU#869641",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/869641"
"name" : "23331", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23331" "name": "SSRT071422",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name" : "ADV-2007-1716", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1716" "name": "23331",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23331"
"name" : "35873", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35873" "name": "MS07-027",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027"
"name" : "25218", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25218" "name": "http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.blackberry.com/btsc/articles/74/KB13142_f.SAL_Public.html"
"name" : "rim-toimport-activex-bo(34182)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34182" "name": "TA07-128A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
} },
} {
"name": "ADV-2007-1716",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1716"
},
{
"name": "25218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25218"
},
{
"name": "35873",
"refsource": "OSVDB",
"url": "http://osvdb.org/35873"
},
{
"name": "rim-toimport-activex-bo(34182)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34182"
}
]
}
}

160
2007/0xxx/CVE-2007-0569.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0569", "ID": "CVE-2007-0569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3216", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3216" "lang": "eng",
}, "value": "SQL injection vulnerability in xNews.php in xNews 1.3 allows remote attackers to execute arbitrary SQL commands via the id parameter in a shownews action."
{ }
"name" : "22284", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22284" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32999", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32999" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23954", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23954" ]
}, },
{ "references": {
"name" : "xnews-xnews-sql-injection(31855)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31855" "name": "xnews-xnews-sql-injection(31855)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31855"
} },
} {
"name": "3216",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3216"
},
{
"name": "32999",
"refsource": "OSVDB",
"url": "http://osvdb.org/32999"
},
{
"name": "22284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22284"
},
{
"name": "23954",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23954"
}
]
}
}

140
2007/0xxx/CVE-2007-0975.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0975", "ID": "CVE-2007-0975",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/forum/forum.php?forum_id=660919", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/forum/forum.php?forum_id=660919" "lang": "eng",
}, "value": "Variable extraction vulnerability in Ian Bezanson Apache Stats before 0.0.3 beta allows attackers to overwrite critical variables, with unknown impact, when the extract function is used on the _REQUEST superglobal array."
{ }
"name" : "http://superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2", ]
"refsource" : "CONFIRM", },
"url" : "http://superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0598", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0598" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2",
"refsource": "CONFIRM",
"url": "http://superb-east.dl.sourceforge.net/sourceforge/apachestats/apacheStats_0.0.3Beta.tar.bz2"
},
{
"name": "http://sourceforge.net/forum/forum.php?forum_id=660919",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/forum/forum.php?forum_id=660919"
},
{
"name": "ADV-2007-0598",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0598"
}
]
}
}

160
2007/1xxx/CVE-2007-1142.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1142", "ID": "CVE-2007-1142",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the link_parameters parameter in (1) news.php and (2) n_layouts.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070221 Magic News Plus File Inclusion And Xss Vulnerabilitis", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460902/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Magic News Plus 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the link_parameters parameter in (1) news.php and (2) n_layouts.php."
{ }
"name" : "22661", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22661" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33136", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33136" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33137", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33137" ]
}, },
{ "references": {
"name" : "2334", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2334" "name": "33137",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33137"
} },
} {
"name": "20070221 Magic News Plus File Inclusion And Xss Vulnerabilitis",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460902/100/0/threaded"
},
{
"name": "22661",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22661"
},
{
"name": "2334",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2334"
},
{
"name": "33136",
"refsource": "OSVDB",
"url": "http://osvdb.org/33136"
}
]
}
}

130
2007/1xxx/CVE-2007-1623.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1623", "ID": "CVE-2007-1623",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in realGuestbook 5.01, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) bg_color_1, (2) fs_menu, (3) fc_menu, (4) ff_menu, (5) bg_color_2, (6) fs_normal, (7) fc_normal, and (8) ff_normal parameters to welcome_admin.php; and possibly unspecified other parameters and files. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "34341", "description_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34341" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in realGuestbook 5.01, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) bg_color_1, (2) fs_menu, (3) fc_menu, (4) ff_menu, (5) bg_color_2, (6) fs_normal, (7) fc_normal, and (8) ff_normal parameters to welcome_admin.php; and possibly unspecified other parameters and files. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "24602", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/24602" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24602",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24602"
},
{
"name": "34341",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34341"
}
]
}
}

160
2007/1xxx/CVE-2007-1629.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1629", "ID": "CVE-2007-1629",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Photo Gallery allows remote attackers to execute arbitrary SQL commands via the catid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3536", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3536" "lang": "eng",
}, "value": "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Photo Gallery allows remote attackers to execute arbitrary SQL commands via the catid parameter."
{ }
"name" : "23077", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23077" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1072", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1072" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24568", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/24568" ]
}, },
{ "references": {
"name" : "active-default-sql-injection(33129)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33129" "name": "23077",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23077"
} },
} {
"name": "ADV-2007-1072",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1072"
},
{
"name": "active-default-sql-injection(33129)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33129"
},
{
"name": "3536",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3536"
},
{
"name": "24568",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24568"
}
]
}
}

180
2007/1xxx/CVE-2007-1918.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1918", "ID": "CVE-2007-1918",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070404 CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464685/100/0/threaded" "lang": "eng",
}, "value": "The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
{ }
"name" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_SET_REG_SERVER_PROPERTY_RFC_Function_Denial_of_Service.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_SET_REG_SERVER_PROPERTY_RFC_Function_Denial_of_Service.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23309", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23309" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1270", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1270" ]
}, },
{ "references": {
"name" : "24722", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24722" "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_SET_REG_SERVER_PROPERTY_RFC_Function_Denial_of_Service.pdf",
}, "refsource": "MISC",
{ "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_SET_REG_SERVER_PROPERTY_RFC_Function_Denial_of_Service.pdf"
"name" : "2540", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2540" "name": "23309",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23309"
"name" : "sap-rfc-setregserverproperty-dos(33418)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33418" "name": "2540",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/2540"
} },
} {
"name": "sap-rfc-setregserverproperty-dos(33418)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33418"
},
{
"name": "24722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24722"
},
{
"name": "ADV-2007-1270",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1270"
},
{
"name": "20070404 CYBSEC Security Pre-Advisory: SAP RFC_SET_REG_SERVER_PROPERTY RFC Function Denial Of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464685/100/0/threaded"
}
]
}
}

180
2007/1xxx/CVE-2007-1940.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1940", "ID": "CVE-2007-1940",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "IY96572", "description_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24015473" "lang": "eng",
}, "value": "IBM Tivoli Business Service Manager (TBSM) 4.1 before Interim Fix 1 logs passwords in plaintext, which allows local users to obtain sensitive information by reading (1) ncisetup.db or (2) msi.log."
{ }
"name" : "23298", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23298" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1248", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1248" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34770", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34770" ]
}, },
{ "references": {
"name" : "1017869", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017869" "name": "34770",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34770"
"name" : "24763", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24763" "name": "23298",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23298"
"name" : "tbsm-ncisetup-information-disclosure(33426)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33426" "name": "ADV-2007-1248",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1248"
} },
} {
"name": "24763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24763"
},
{
"name": "tbsm-ncisetup-information-disclosure(33426)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33426"
},
{
"name": "1017869",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017869"
},
{
"name": "IY96572",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24015473"
}
]
}
}

230
2007/5xxx/CVE-2007-5504.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5504", "ID": "CVE-2007-5504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071029 Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482923/100/100/threaded" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package."
{ }
"name" : "http://www.appsecinc.com/resources/alerts/oracle/2007-08.shtml", ]
"refsource" : "MISC", },
"url" : "http://www.appsecinc.com/resources/alerts/oracle/2007-08.shtml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" ]
}, },
{ "references": {
"name" : "SSRT061201", "reference_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name" : "TA07-290A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" "name": "ADV-2007-3524",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3524"
"name" : "26235", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26235" "name": "ADV-2007-3626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3626"
"name" : "ADV-2007-3524", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3524" "name": "TA07-290A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name" : "ADV-2007-3626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3626" "name": "SSRT061201",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
"name" : "1018823", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018823" "name": "26235",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26235"
"name" : "27251", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27251" "name": "20071029 Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/482923/100/100/threaded"
"name" : "27409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27409" "name": "http://www.appsecinc.com/resources/alerts/oracle/2007-08.shtml",
} "refsource": "MISC",
] "url": "http://www.appsecinc.com/resources/alerts/oracle/2007-08.shtml"
} },
} {
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}
}

190
2007/5xxx/CVE-2007-5602.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2007-5602", "ID": "CVE-2007-5602",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and SwiftSend, allow remote attackers to execute arbitrary code via unspecified vectors to the (1) svocx.ocx ActiveX control or the (2) npsview.dll plugin for Mozilla and Firefox."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.swiftview.com/tech/security/bulletins/SBSV-07-10-02.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.swiftview.com/tech/security/bulletins/SBSV-07-10-02.htm" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and SwiftSend, allow remote attackers to execute arbitrary code via unspecified vectors to the (1) svocx.ocx ActiveX control or the (2) npsview.dll plugin for Mozilla and Firefox."
{ }
"name" : "VU#639169", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/639169" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27527", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27527" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2008-0330", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2008/0330" ]
}, },
{ "references": {
"name" : "42836", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42836" "name": "VU#639169",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/639169"
"name" : "42837", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42837" "name": "28724",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28724"
"name" : "1019287", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019287" "name": "ADV-2008-0330",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0330"
"name" : "28724", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28724" "name": "http://www.swiftview.com/tech/security/bulletins/SBSV-07-10-02.htm",
} "refsource": "CONFIRM",
] "url": "http://www.swiftview.com/tech/security/bulletins/SBSV-07-10-02.htm"
} },
} {
"name": "27527",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27527"
},
{
"name": "42836",
"refsource": "OSVDB",
"url": "http://osvdb.org/42836"
},
{
"name": "1019287",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019287"
},
{
"name": "42837",
"refsource": "OSVDB",
"url": "http://osvdb.org/42837"
}
]
}
}

150
2015/3xxx/CVE-2015-3712.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3712", "ID": "CVE-2015-3712",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT204942", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT204942" "lang": "eng",
}, "value": "The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app."
{ }
"name" : "APPLE-SA-2015-06-30-2", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75493", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75493" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032760", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032760" ]
} },
] "references": {
} "reference_data": [
} {
"name": "APPLE-SA-2015-06-30-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"name": "75493",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75493"
},
{
"name": "1032760",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032760"
},
{
"name": "http://support.apple.com/kb/HT204942",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT204942"
}
]
}
}

180
2015/3xxx/CVE-2015-3778.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3778", "ID": "CVE-2015-3778",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain potentially sensitive information about MAC addresses seen in previous Wi-Fi sessions by sniffing an 802.11 network for DNAv4 broadcast traffic."
{ }
"name" : "https://support.apple.com/kb/HT205031", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-08-13-2", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" ]
}, },
{ "references": {
"name" : "76337", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76337" "name": "https://support.apple.com/kb/HT205030",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205030"
"name" : "76340", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76340" "name": "1033275",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033275"
"name" : "1033275", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033275" "name": "76337",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/76337"
} },
} {
"name": "76340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76340"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "APPLE-SA-2015-08-13-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
}
]
}
}

34
2015/3xxx/CVE-2015-3917.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3917", "ID": "CVE-2015-3917",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2015/4xxx/CVE-2015-4298.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-4298", "ID": "CVE-2015-4298",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150813 Cisco Unified Interaction Manager Web Interface Authorization Bypass Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40428" "lang": "eng",
}, "value": "Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056."
{ }
"name" : "76348", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/76348" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033286", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033286" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1033286",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033286"
},
{
"name": "76348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76348"
},
{
"name": "20150813 Cisco Unified Interaction Manager Web Interface Authorization Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40428"
}
]
}
}

34
2015/7xxx/CVE-2015-7507.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7507", "ID": "CVE-2015-7507",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

370
2015/7xxx/CVE-2015-7613.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7613", "ID": "CVE-2015-7613",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20151001 CVE Request: Unauthorized access to IPC objects with SysV shm", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/10/01/8" "lang": "eng",
}, "value": "Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipc_addid call that leads to uid and gid comparisons against uninitialized data, related to msg.c, shm.c, and util.c."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1268270", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1268270" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/b9a532277938798b53178d5a66af6e2915cb27cf", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/b9a532277938798b53178d5a66af6e2915cb27cf" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" "name": "RHSA-2015:2636",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "name": "DSA-3372",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3372"
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10146", },
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10146" "name": "SUSE-SU-2015:2089",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html"
"name" : "DSA-3372", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3372" "name": "USN-2765-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2765-1"
"name" : "RHSA-2015:2636", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2636.html" "name": "USN-2792-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2792-1"
"name" : "SUSE-SU-2015:2084", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html" "name": "USN-2762-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2762-1"
"name" : "SUSE-SU-2015:2085", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html" "name": "SUSE-SU-2015:2087",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html"
"name" : "SUSE-SU-2015:2086", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html" "name": "SUSE-SU-2015:1727",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html"
"name" : "SUSE-SU-2015:2087", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00029.html" "name": "https://github.com/torvalds/linux/commit/b9a532277938798b53178d5a66af6e2915cb27cf",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/b9a532277938798b53178d5a66af6e2915cb27cf"
"name" : "SUSE-SU-2015:2089", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00030.html" "name": "USN-2763-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2763-1"
"name" : "SUSE-SU-2015:2090", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "SUSE-SU-2015:2091", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html" "name": "1034094",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034094"
"name" : "SUSE-SU-2015:1727", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00009.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9a532277938798b53178d5a66af6e2915cb27cf"
"name" : "USN-2792-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2792-1" "name": "1034592",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034592"
"name" : "USN-2761-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2761-1" "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10146",
}, "refsource": "CONFIRM",
{ "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10146"
"name" : "USN-2762-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2762-1" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "USN-2763-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2763-1" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1268270",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1268270"
"name" : "USN-2764-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2764-1" "name": "SUSE-SU-2015:2091",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00032.html"
"name" : "USN-2765-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2765-1" "name": "USN-2764-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2764-1"
"name" : "76977", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76977" "name": "[oss-security] 20151001 CVE Request: Unauthorized access to IPC objects with SysV shm",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/10/01/8"
"name" : "1034592", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034592" "name": "76977",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76977"
"name" : "1034094", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034094" "name": "SUSE-SU-2015:2084",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00026.html"
} },
} {
"name": "SUSE-SU-2015:2085",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00027.html"
},
{
"name": "SUSE-SU-2015:2086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00028.html"
},
{
"name": "USN-2761-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2761-1"
},
{
"name": "SUSE-SU-2015:2090",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00031.html"
}
]
}
}

230
2015/7xxx/CVE-2015-7705.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7705", "ID": "CVE-2015-7705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://eprint.iacr.org/2015/1020.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "https://eprint.iacr.org/2015/1020.pdf" "lang": "eng",
}, "value": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests."
{ }
"name" : "https://www.cs.bu.edu/~goldbe/NTPattack.html", ]
"refsource" : "MISC", },
"url" : "https://www.cs.bu.edu/~goldbe/NTPattack.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.ntp.org/bin/view/Main/NtpBug2901", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.ntp.org/bin/view/Main/NtpBug2901" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit", ]
"refsource" : "CONFIRM", }
"url" : "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274184", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274184" "name": "VU#718152",
}, "refsource": "CERT-VN",
{ "url": "https://www.kb.cert.org/vuls/id/718152"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" "name": "77284",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77284"
"name" : "https://security.netapp.com/advisory/ntap-20171004-0001/", },
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20171004-0001/" "name": "https://support.citrix.com/article/CTX220112",
}, "refsource": "CONFIRM",
{ "url": "https://support.citrix.com/article/CTX220112"
"name" : "https://support.citrix.com/article/CTX220112", },
"refsource" : "CONFIRM", {
"url" : "https://support.citrix.com/article/CTX220112" "name": "1033951",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033951"
"name" : "GLSA-201607-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201607-15" "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit",
}, "refsource": "CONFIRM",
{ "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit"
"name" : "VU#718152", },
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/718152" "name": "https://www.cs.bu.edu/~goldbe/NTPattack.html",
}, "refsource": "MISC",
{ "url": "https://www.cs.bu.edu/~goldbe/NTPattack.html"
"name" : "77284", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77284" "name": "https://eprint.iacr.org/2015/1020.pdf",
}, "refsource": "MISC",
{ "url": "https://eprint.iacr.org/2015/1020.pdf"
"name" : "1033951", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033951" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839",
} "refsource": "CONFIRM",
] "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
} },
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184"
},
{
"name": "http://support.ntp.org/bin/view/Main/NtpBug2901",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/NtpBug2901"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
}
]
}
}

140
2015/8xxx/CVE-2015-8312.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8312", "ID": "CVE-2015-8312",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.openafs.org/?p=openafs.git;a=commitdiff;h=2ef863720da4d9f368aaca0461c672a3008195ca", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.openafs.org/?p=openafs.git;a=commitdiff;h=2ef863720da4d9f368aaca0461c672a3008195ca" "lang": "eng",
}, "value": "Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes."
{ }
"name" : "https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16", ]
"refsource" : "CONFIRM", },
"url" : "https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3569", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3569" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "DSA-3569",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3569"
},
{
"name": "https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16",
"refsource": "CONFIRM",
"url": "https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16"
},
{
"name": "http://git.openafs.org/?p=openafs.git;a=commitdiff;h=2ef863720da4d9f368aaca0461c672a3008195ca",
"refsource": "CONFIRM",
"url": "http://git.openafs.org/?p=openafs.git;a=commitdiff;h=2ef863720da4d9f368aaca0461c672a3008195ca"
}
]
}
}

34
2015/8xxx/CVE-2015-8591.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8591", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8591",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8824.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8824", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8824",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8885.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8885", "ID": "CVE-2015-8885",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

132
2015/9xxx/CVE-2015-9215.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9215", "ID": "CVE-2015-9215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile", "product_name": "Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9615, MDM9625, MDM9635M, SD 810" "version_value": "MDM9615, MDM9625, MDM9635M, SD 810"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, and SD 810, improper input validation can cause a null pointer dereference in USB bootloader find_ep() function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Null Pointer Dereference in Core"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, and SD 810, improper input validation can cause a null pointer dereference in USB bootloader find_ep() function."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Null Pointer Dereference in Core"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

130
2016/0xxx/CVE-2016-0228.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0228", "ID": "CVE-2016-0228",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Marketing Platform", "product_name": "Marketing Platform",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "10.0" "version_value": "10.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22001952", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22001952" "lang": "eng",
}, "value": "IBM Marketing Platform 10.0 could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in various scripts. An attacker could exploit this vulnerability to redirect a victim to arbitrary Web sites. IBM X-Force ID: 110236."
{ }
"name" : "97670", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97670" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22001952",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22001952"
},
{
"name": "97670",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97670"
}
]
}
}

140
2016/0xxx/CVE-2016-0829.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-0829", "ID": "CVE-2016-0829",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering a QUEUE_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338109."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-03-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-03-01.html" "lang": "eng",
}, "value": "The BnGraphicBufferProducer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not initialize a certain output data structure, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering a QUEUE_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338109."
{ }
"name" : "https://android.googlesource.com/platform/frameworks/native/+/d06421fd37fbb7fd07002e6738fac3a223cb1a62", ]
"refsource" : "CONFIRM", },
"url" : "https://android.googlesource.com/platform/frameworks/native/+/d06421fd37fbb7fd07002e6738fac3a223cb1a62" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "84261", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84261" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/frameworks/native/+/d06421fd37fbb7fd07002e6738fac3a223cb1a62",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/native/+/d06421fd37fbb7fd07002e6738fac3a223cb1a62"
},
{
"name": "84261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84261"
},
{
"name": "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-03-01.html"
}
]
}
}

160
2016/1xxx/CVE-2016-1030.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1030", "ID": "CVE-2016-1030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to bypass intended access restrictions via unspecified vectors."
{ }
"name" : "RHSA-2016:0610", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0610.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SU-2016:1305", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2016:1306", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" ]
}, },
{ "references": {
"name" : "1035509", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035509" "name": "SUSE-SU-2016:1305",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
} },
} {
"name": "openSUSE-SU-2016:1306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "1035509",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035509"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
]
}
}

140
2016/1xxx/CVE-2016-1208.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1208", "ID": "CVE-2016-1208",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://help.filemaker.com/app/answers/detail/a_id/15364", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://help.filemaker.com/app/answers/detail/a_id/15364" "lang": "eng",
}, "value": "The server in Apple FileMaker before 14.0.4 on OS X allows remote attackers to read PHP source code via unspecified vectors."
{ }
"name" : "JVN#91638315", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN91638315/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000063", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000063" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://help.filemaker.com/app/answers/detail/a_id/15364",
"refsource": "CONFIRM",
"url": "http://help.filemaker.com/app/answers/detail/a_id/15364"
},
{
"name": "JVN#91638315",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN91638315/index.html"
},
{
"name": "JVNDB-2016-000063",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000063"
}
]
}
}

190
2016/1xxx/CVE-2016-1254.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2016-1254", "ID": "CVE-2016-1254",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blog.torproject.org/blog/tor-02812-released", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://blog.torproject.org/blog/tor-02812-released" "lang": "eng",
}, "value": "Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor."
{ }
"name" : "https://gitweb.torproject.org/tor.git/commit/?id=d978216dea6b21ac38230a59d172139185a68dbd", ]
"refsource" : "CONFIRM", },
"url" : "https://gitweb.torproject.org/tor.git/commit/?id=d978216dea6b21ac38230a59d172139185a68dbd" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://trac.torproject.org/projects/tor/ticket/21018", "description": [
"refsource" : "CONFIRM", {
"url" : "https://trac.torproject.org/projects/tor/ticket/21018" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3741", ]
"refsource" : "DEBIAN", }
"url" : "https://www.debian.org/security/2016/dsa-3741" ]
}, },
{ "references": {
"name" : "FEDORA-2016-76b646637e", "reference_data": [
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXOJSMCTIOHLBRYFBVEL3CDLGPZXX6WE/" "name": "openSUSE-SU-2016:3281",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00154.html"
"name" : "FEDORA-2016-95b4e9077e", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTU2R253477RZLYAJAR5DAXAON7KIVLA/" "name": "FEDORA-2016-95b4e9077e",
}, "refsource": "FEDORA",
{ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTU2R253477RZLYAJAR5DAXAON7KIVLA/"
"name" : "openSUSE-SU-2016:3281", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00154.html" "name": "https://blog.torproject.org/blog/tor-02812-released",
}, "refsource": "CONFIRM",
{ "url": "https://blog.torproject.org/blog/tor-02812-released"
"name" : "openSUSE-SU-2016:3282", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-12/msg00155.html" "name": "openSUSE-SU-2016:3282",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00155.html"
} },
} {
"name": "DSA-3741",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2016/dsa-3741"
},
{
"name": "https://trac.torproject.org/projects/tor/ticket/21018",
"refsource": "CONFIRM",
"url": "https://trac.torproject.org/projects/tor/ticket/21018"
},
{
"name": "FEDORA-2016-76b646637e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FXOJSMCTIOHLBRYFBVEL3CDLGPZXX6WE/"
},
{
"name": "https://gitweb.torproject.org/tor.git/commit/?id=d978216dea6b21ac38230a59d172139185a68dbd",
"refsource": "CONFIRM",
"url": "https://gitweb.torproject.org/tor.git/commit/?id=d978216dea6b21ac38230a59d172139185a68dbd"
}
]
}
}

160
2016/5xxx/CVE-2016-5205.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5205", "ID": "CVE-2016-5205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac", "product_name": "Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac" "version_value": "Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac, incorrectly handles deferred page loads, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "insufficient policy enforcement"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Blink in Google Chrome prior to 55.0.2883.75 for Linux, Windows and Mac, incorrectly handles deferred page loads, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page."
{ }
"name" : "https://crbug.com/646610", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/646610" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201612-11", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-11" "lang": "eng",
}, "value": "insufficient policy enforcement"
{ }
"name" : "RHSA-2016:2919", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html" ]
}, },
{ "references": {
"name" : "94633", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94633" "name": "RHSA-2016:2919",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html"
} },
} {
"name": "https://crbug.com/646610",
"refsource": "CONFIRM",
"url": "https://crbug.com/646610"
},
{
"name": "94633",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94633"
},
{
"name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html"
},
{
"name": "GLSA-201612-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-11"
}
]
}
}

190
2016/5xxx/CVE-2016-5331.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5331", "ID": "CVE-2016-5331",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160805 [SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/539128/100/0/threaded" "lang": "eng",
}, "value": "CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
{ }
"name" : "20160805 [SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2016/Aug/38" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/138211/VMware-vSphere-Hypervisor-ESXi-HTTP-Response-Injection.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/138211/VMware-vSphere-Hypervisor-ESXi-HTTP-Response-Injection.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.vmware.com/security/advisories/VMSA-2016-0010.html" ]
}, },
{ "references": {
"name" : "92324", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92324" "name": "1036543",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036543"
"name" : "1036543", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036543" "name": "92324",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/92324"
"name" : "1036544", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036544" "name": "1036544",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036544"
"name" : "1036545", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036545" "name": "20160805 [SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/539128/100/0/threaded"
} },
} {
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0010.html"
},
{
"name": "20160805 [SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Aug/38"
},
{
"name": "1036545",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036545"
},
{
"name": "http://packetstormsecurity.com/files/138211/VMware-vSphere-Hypervisor-ESXi-HTTP-Response-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138211/VMware-vSphere-Hypervisor-ESXi-HTTP-Response-Injection.html"
}
]
}
}

130
2016/5xxx/CVE-2016-5796.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-5796", "ID": "CVE-2016-5796",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Fatek Automation Designer 2.1.2.2", "product_name": "Fatek Automation Designer 2.1.2.2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Fatek Automation Designer 2.1.2.2" "version_value": "Fatek Automation Designer 2.1.2.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within the Bounds of a Memory Buffer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Fatek Automation Designer Memory Corruption Vulnerabilities"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06" "lang": "eng",
}, "value": "An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. Sending additional valid packets could allow the attacker to cause a crash or to execute arbitrary code, because of Improper Restriction of Operations within the Bounds of a Memory Buffer."
{ }
"name" : "93105", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93105" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Fatek Automation Designer Memory Corruption Vulnerabilities"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93105",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93105"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-287-06"
}
]
}
}

170
2016/5xxx/CVE-2016-5841.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5841", "ID": "CVE-2016-5841",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/23/1" "lang": "eng",
}, "value": "Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable."
{ }
"name" : "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/25/3" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b" ]
}, },
{ "references": {
"name" : "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1" "name": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/ImageMagick/ImageMagick/commits/7.0.2-1"
"name" : "91394", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91394" "name": "91394",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/91394"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "[oss-security] 20160625 Re: Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/25/3"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/commit/d8ab7f046587f2e9f734b687ba7e6e10147c294b"
},
{
"name": "[oss-security] 20160623 Fwd: out-of-bounds read in MagickCore/property.c:1396 could lead to memory leak/ Integer overflow read to RCE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/1"
}
]
}
}

34
2016/5xxx/CVE-2016-5875.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-5875", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-5875",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-5314. Reason: This candidate is a reservation duplicate of CVE-2016-5314. Notes: All CVE users should reference CVE-2016-5314 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

34
2018/2xxx/CVE-2018-2055.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2055", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2055",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

210
2018/2xxx/CVE-2018-2639.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2639", "ID": "CVE-2018-2639",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Java", "product_name": "Java",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "Java SE: 8u152" "version_value": "Java SE: 8u152"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "9.0.1" "version_value": "9.0.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180117-0001/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180117-0001/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", "description": [
"refsource" : "CONFIRM", {
"url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" "lang": "eng",
}, "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE."
{ }
"name" : "RHSA-2018:0099", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2018:0099" ]
}, },
{ "references": {
"name" : "RHSA-2018:0351", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0351" "name": "RHSA-2018:0351",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:0351"
"name" : "RHSA-2018:0352", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0352" "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name" : "RHSA-2018:1463", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:1463" "name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
"name" : "102556", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102556" "name": "RHSA-2018:0352",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:0352"
"name" : "1040203", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040203" "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
} "refsource": "CONFIRM",
] "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
} },
} {
"name": "RHSA-2018:0099",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0099"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "102556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102556"
}
]
}
}

34
2019/0xxx/CVE-2019-0229.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0229", "ID": "CVE-2019-0229",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0401.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0401", "ID": "CVE-2019-0401",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0468.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0468", "ID": "CVE-2019-0468",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0934.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0934", "ID": "CVE-2019-0934",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

136
2019/1000xxx/CVE-2019-1000017.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2019-01-22T21:21:10.023850", "DATE_ASSIGNED": "2019-01-22T21:21:10.023850",
"DATE_REQUESTED" : "2019-01-16T16:16:03", "DATE_REQUESTED": "2019-01-16T16:16:03",
"ID" : "CVE-2019-1000017", "ID": "CVE-2019-1000017",
"REQUESTER" : "jarnaut@dognaedis.com", "REQUESTER": "jarnaut@dognaedis.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be exploitable via ticket_id=[ticket number]. This vulnerability appears to have been fixed in 1.11.x after commit 33e2692a37b5b6340cf5bec1a84e541460983c03."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/chamilo/chamilo-lms/commit/33e2692a37b5b6340cf5bec1a84e541460983c03", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/chamilo/chamilo-lms/commit/33e2692a37b5b6340cf5bec1a84e541460983c03" "lang": "eng",
}, "value": "Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be exploitable via ticket_id=[ticket number]. This vulnerability appears to have been fixed in 1.11.x after commit 33e2692a37b5b6340cf5bec1a84e541460983c03."
{ }
"name" : "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-34-2019-01-14-Moderate-risk-moderate-impact-XSS-and-unauthorized-access", ]
"refsource" : "MISC", },
"url" : "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-34-2019-01-14-Moderate-risk-moderate-impact-XSS-and-unauthorized-access" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chamilo/chamilo-lms/commit/33e2692a37b5b6340cf5bec1a84e541460983c03",
"refsource": "MISC",
"url": "https://github.com/chamilo/chamilo-lms/commit/33e2692a37b5b6340cf5bec1a84e541460983c03"
},
{
"name": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-34-2019-01-14-Moderate-risk-moderate-impact-XSS-and-unauthorized-access",
"refsource": "MISC",
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-34-2019-01-14-Moderate-risk-moderate-impact-XSS-and-unauthorized-access"
}
]
}
}

34
2019/1xxx/CVE-2019-1239.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1239", "ID": "CVE-2019-1239",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1335.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1335", "ID": "CVE-2019-1335",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2019/1xxx/CVE-2019-1684.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC" : "2019-02-20T16:00:00-0800", "DATE_PUBLIC": "2019-02-20T16:00:00-0800",
"ID" : "CVE-2019-1684", "ID": "CVE-2019-1684",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability" "TITLE": "Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco IP Phone 8800 Series Software ", "product_name": "Cisco IP Phone 8800 Series Software ",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"version_value" : "12.6(1)MN80" "version_value": "12.6(1)MN80"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cisco" "vendor_name": "Cisco"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact" : {
"cvss" : {
"baseScore" : "6.5",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-399"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos" "lang": "eng",
}, "value": "A vulnerability in the Cisco Discovery Protocol or Link Layer Discovery Protocol (LLDP) implementation for the Cisco IP Phone 7800 and 8800 Series could allow an unauthenticated, adjacent attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to missing length validation of certain Cisco Discovery Protocol or LLDP packet header fields. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol or LLDP packet to the targeted phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. Versions prior to 12.6(1)MN80 are affected."
{ }
"name" : "107104", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107104" "exploit": [
} {
] "lang": "eng",
}, "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
"source" : { }
"advisory" : "cisco-sa-20190220-cdp-lldp-dos", ],
"defect" : [ "impact": {
[ "cvss": {
"CSCvn47250" "baseScore": "6.5",
] "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ",
], "version": "3.0"
"discovery" : "INTERNAL" }
} },
} "problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190220 Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos"
},
{
"name": "107104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107104"
}
]
},
"source": {
"advisory": "cisco-sa-20190220-cdp-lldp-dos",
"defect": [
[
"CSCvn47250"
]
],
"discovery": "INTERNAL"
}
}

34
2019/1xxx/CVE-2019-1726.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1726", "ID": "CVE-2019-1726",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1847.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1847", "ID": "CVE-2019-1847",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4216.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4216", "ID": "CVE-2019-4216",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4224.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4224", "ID": "CVE-2019-4224",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4687.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4687", "ID": "CVE-2019-4687",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4877.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4877", "ID": "CVE-2019-4877",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5187.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5187", "ID": "CVE-2019-5187",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5255.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5255", "ID": "CVE-2019-5255",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5571.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5571", "ID": "CVE-2019-5571",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9351.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9351", "ID": "CVE-2019-9351",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9361.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9361", "ID": "CVE-2019-9361",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9504.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9504", "ID": "CVE-2019-9504",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }