admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:11:18 +00:00
parent f4dd23d9d0
commit 4137ea2631
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 3596 additions and 3596 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

310
2007/0xxx/CVE-2007-0006.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-0006", "ID": "CVE-2007-0006",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as \"spinlock CPU recursion.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070615 rPSA-2007-0124-1 kernel xen", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471457" "lang": "eng",
}, "value": "The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as \"spinlock CPU recursion.\""
{ }
"name" : "http://bugzilla.kernel.org/show_bug.cgi?id=7727", ]
"refsource" : "CONFIRM", },
"url" : "http://bugzilla.kernel.org/show_bug.cgi?id=7727" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.rpath.com/browse/RPL-1097", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.rpath.com/browse/RPL-1097" ]
}, },
{ "references": {
"name" : "MDKSA-2007:047", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:047" "name": "RHSA-2007:0099",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0099.html"
"name" : "MDKSA-2007:060", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:060" "name": "24429",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24429"
"name" : "RHSA-2007:0085", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0085.html" "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=227495"
"name" : "RHSA-2007:0099", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0099.html" "name": "http://bugzilla.kernel.org/show_bug.cgi?id=7727",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.kernel.org/show_bug.cgi?id=7727"
"name" : "SUSE-SA:2007:021", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_21_kernel.html" "name": "24259",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24259"
"name" : "USN-451-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-451-1" "name": "USN-451-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-451-1"
"name" : "22539", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22539" "name": "MDKSA-2007:047",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:047"
"name" : "oval:org.mitre.oval:def:9829", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9829" "name": "SUSE-SA:2007:021",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_21_kernel.html"
"name" : "24109", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24109" "name": "oval:org.mitre.oval:def:9829",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9829"
"name" : "24259", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24259" "name": "24300",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24300"
"name" : "24300", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24300" "name": "20070615 rPSA-2007-0124-1 kernel xen",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/471457"
"name" : "24429", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24429" "name": "24482",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24482"
"name" : "24482", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24482" "name": "RHSA-2007:0085",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0085.html"
"name" : "24547", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24547" "name": "24752",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24752"
"name" : "24752", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24752" "name": "24547",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24547"
"name" : "25691", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25691" "name": "24109",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24109"
} },
} {
"name": "https://issues.rpath.com/browse/RPL-1097",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1097"
},
{
"name": "22539",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22539"
},
{
"name": "25691",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25691"
},
{
"name": "MDKSA-2007:060",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:060"
}
]
}
}

190
2007/0xxx/CVE-2007-0798.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0798", "ID": "CVE-2007-0798",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login.asp; and allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters to (2) badword.asp, (3) polls.asp, and (4) users.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070203 Ublog Reload Admin Panel Multiple HTML Injections", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/459027/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) login.asp; and allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters to (2) badword.asp, (3) polls.asp, and (4) users.asp."
{ }
"name" : "http://www.hackerscenter.com/archive/view.asp?id=27270", ]
"refsource" : "MISC", },
"url" : "http://www.hackerscenter.com/archive/view.asp?id=27270" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22382", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22382" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33641", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33641" ]
}, },
{ "references": {
"name" : "33642", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33642" "name": "33643",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/33643"
"name" : "33643", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33643" "name": "http://www.hackerscenter.com/archive/view.asp?id=27270",
}, "refsource": "MISC",
{ "url": "http://www.hackerscenter.com/archive/view.asp?id=27270"
"name" : "33644", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33644" "name": "ublog-login-xss(32185)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32185"
"name" : "ublog-login-xss(32185)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32185" "name": "33644",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33644"
} },
} {
"name": "20070203 Ublog Reload Admin Panel Multiple HTML Injections",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459027/100/0/threaded"
},
{
"name": "33642",
"refsource": "OSVDB",
"url": "http://osvdb.org/33642"
},
{
"name": "22382",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22382"
},
{
"name": "33641",
"refsource": "OSVDB",
"url": "http://osvdb.org/33641"
}
]
}
}

150
2007/0xxx/CVE-2007-0965.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0965", "ID": "CVE-2007-0965",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use \"aaa authentication match\" or \"aaa authentication include\", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070214 Multiple Vulnerabilities in Firewall Services Module", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml" "lang": "eng",
}, "value": "Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use \"aaa authentication match\" or \"aaa authentication include\", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request."
{ }
"name" : "22561", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22561" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0609", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0609" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24172", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/24172" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2007-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0609"
},
{
"name": "22561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22561"
},
{
"name": "24172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24172"
},
{
"name": "20070214 Multiple Vulnerabilities in Firewall Services Module",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
}
]
}
}

160
2007/0xxx/CVE-2007-0979.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0979", "ID": "CVE-2007-0979",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before 1.2-beta2, allows remote attackers to obtain sensitive information (file contents) via a \"crafted URL.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.lifetype.net/blog/lifetype-development-journal/releases", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.lifetype.net/blog/lifetype-development-journal/releases" "lang": "eng",
}, "value": "Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before 1.2-beta2, allows remote attackers to obtain sensitive information (file contents) via a \"crafted URL.\""
{ }
"name" : "22572", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22572" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0616", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0616" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33210", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33210" ]
}, },
{ "references": {
"name" : "24170", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24170" "name": "33210",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33210"
} },
} {
"name": "24170",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24170"
},
{
"name": "http://www.lifetype.net/blog/lifetype-development-journal/releases",
"refsource": "CONFIRM",
"url": "http://www.lifetype.net/blog/lifetype-development-journal/releases"
},
{
"name": "22572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22572"
},
{
"name": "ADV-2007-0616",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0616"
}
]
}
}

130
2007/1xxx/CVE-2007-1823.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1823", "ID": "CVE-2007-1823",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#726548", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/726548" "lang": "eng",
}, "value": "T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID)."
{ }
"name" : "34986", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/34986" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34986",
"refsource": "OSVDB",
"url": "http://osvdb.org/34986"
},
{
"name": "VU#726548",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/726548"
}
]
}
}

34
2007/3xxx/CVE-2007-3595.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2007-3595", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2007-3595",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3399. Reason: This candidate is a duplicate of CVE-2007-3399. Notes: All CVE users should reference CVE-2007-3399 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3399. Reason: This candidate is a duplicate of CVE-2007-3399. Notes: All CVE users should reference CVE-2007-3399 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

430
2007/3xxx/CVE-2007-3799.json
View File

@ -1,217 +1,217 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3799", "ID": "CVE-2007-3799",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php-security.org/MOPB/PMOPB-46-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.php-security.org/MOPB/PMOPB-46-2007.html" "lang": "eng",
}, "value": "The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the session_id function, and (3) the session_start function, which are not encoded or filtered when the new session cookie is generated, a related issue to CVE-2006-0207."
{ }
"name" : "https://issues.rpath.com/browse/RPL-1693", ]
"refsource" : "CONFIRM", },
"url" : "https://issues.rpath.com/browse/RPL-1693" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://launchpad.net/bugs/173043", ]
"refsource" : "CONFIRM", }
"url" : "https://launchpad.net/bugs/173043" ]
}, },
{ "references": {
"name" : "http://docs.info.apple.com/article.html?artnum=307562", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307562" "name": "30288",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30288"
"name" : "APPLE-SA-2008-03-18", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" "name": "https://launchpad.net/bugs/173043",
}, "refsource": "CONFIRM",
{ "url": "https://launchpad.net/bugs/173043"
"name" : "DSA-1444", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1444" "name": "RHSA-2007:0888",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0888.html"
"name" : "DSA-1578", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1578" "name": "24268",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24268"
"name" : "FEDORA-2007-709", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html" "name": "FEDORA-2007-709",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html"
"name" : "MDKSA-2007:187", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187" "name": "26967",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26967"
"name" : "RHSA-2007:0890", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0890.html" "name": "DSA-1444",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1444"
"name" : "RHSA-2007:0889", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0889.html" "name": "27351",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27351"
"name" : "RHSA-2007:0888", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0888.html" "name": "ADV-2008-0924",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0924/references"
"name" : "RHSA-2007:0891", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0891.html" "name": "27864",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27864"
"name" : "SUSE-SR:2007:015", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_15_sr.html" "name": "26930",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26930"
"name" : "USN-549-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/549-1/" "name": "29420",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29420"
"name" : "USN-549-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-549-2" "name": "APPLE-SA-2008-03-18",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
"name" : "24268", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24268" "name": "RHSA-2007:0889",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2007-0889.html"
"name" : "36855", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36855" "name": "USN-549-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/549-1/"
"name" : "oval:org.mitre.oval:def:9792", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9792" "name": "https://issues.rpath.com/browse/RPL-1693",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1693"
"name" : "ADV-2008-0924", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0924/references" "name": "28249",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28249"
"name" : "26930", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26930" "name": "DSA-1578",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1578"
"name" : "26871", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26871" "name": "27545",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27545"
"name" : "26895", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26895" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm"
"name" : "26967", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26967" "name": "36855",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36855"
"name" : "27351", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27351" "name": "27377",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27377"
"name" : "27377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27377" "name": "http://www.php-security.org/MOPB/PMOPB-46-2007.html",
}, "refsource": "MISC",
{ "url": "http://www.php-security.org/MOPB/PMOPB-46-2007.html"
"name" : "27545", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27545" "name": "http://docs.info.apple.com/article.html?artnum=307562",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=307562"
"name" : "27864", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27864" "name": "MDKSA-2007:187",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:187"
"name" : "28249", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28249" "name": "26895",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26895"
"name" : "29420", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29420" "name": "oval:org.mitre.oval:def:9792",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9792"
"name" : "30288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30288" "name": "USN-549-2",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/usn-549-2"
} },
} {
"name": "RHSA-2007:0890",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0890.html"
},
{
"name": "RHSA-2007:0891",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0891.html"
},
{
"name": "26871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26871"
},
{
"name": "SUSE-SR:2007:015",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html"
}
]
}
}

230
2007/3xxx/CVE-2007-3862.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3862", "ID": "CVE-2007-3862",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 allows remote attackers to have an unknown impact via Oracle Single Sign On, aka AS01."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", }
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143" ]
}, },
{ "references": {
"name" : "SSRT061201", "reference_data": [
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143" "name": "SSRT061201",
}, "refsource": "HP",
{ "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
"name" : "TA07-200A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-200A.html" "name": "26114",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26114"
"name" : "ADV-2007-2562", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2562" "name": "26166",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26166"
"name" : "ADV-2007-2635", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2635" "name": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html"
"name" : "1018415", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018415" "name": "TA07-200A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-200A.html"
"name" : "26114", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26114" "name": "ADV-2007-2562",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2562"
"name" : "26166", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26166" "name": "ADV-2007-2635",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2635"
"name" : "oracle-cpu-july2007(35490)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490" "name": "HPSBMA02133",
} "refsource": "HP",
] "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143"
} },
} {
"name": "oracle-cpu-july2007(35490)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35490"
},
{
"name": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf",
"refsource": "MISC",
"url": "http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf"
},
{
"name": "1018415",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018415"
},
{
"name": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html"
}
]
}
}

190
2007/4xxx/CVE-2007-4153.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4153", "ID": "CVE-2007-4153",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://codex.wordpress.org/Roles_and_Capabilities", "description_data": [
"refsource" : "MISC", {
"url" : "http://codex.wordpress.org/Roles_and_Capabilities" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) the Options Database Table in the Admin Panel, accessed through options.php; or (2) the opml_url parameter to link-import.php. NOTE: this might not cross privilege boundaries in some configurations, since the Administrator role has the unfiltered_html capability."
{ }
"name" : "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/", ]
"refsource" : "MISC", },
"url" : "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1564", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1564" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "46994", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/46994" ]
}, },
{ "references": {
"name" : "46995", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/46995" "name": "wordpress-options-xss(35722)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35722"
"name" : "30013", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30013" "name": "http://codex.wordpress.org/Roles_and_Capabilities",
}, "refsource": "MISC",
{ "url": "http://codex.wordpress.org/Roles_and_Capabilities"
"name" : "wordpress-linkimport-xss(35720)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35720" "name": "30013",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30013"
"name" : "wordpress-options-xss(35722)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35722" "name": "wordpress-linkimport-xss(35720)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35720"
} },
} {
"name": "46995",
"refsource": "OSVDB",
"url": "http://osvdb.org/46995"
},
{
"name": "DSA-1564",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1564"
},
{
"name": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/",
"refsource": "MISC",
"url": "http://mybeni.rootzilla.de/mybeNi/2007/wordpress_zeroday_vulnerability_roundhouse_kick_and_why_i_nearly_wrote_the_first_blog_worm/"
},
{
"name": "46994",
"refsource": "OSVDB",
"url": "http://osvdb.org/46994"
}
]
}
}

200
2007/4xxx/CVE-2007-4335.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4335", "ID": "CVE-2007-4335",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070810 [HS-A007] Qbik WinGate Remote Denial of Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/476011/100/0/threaded" "lang": "eng",
}, "value": "Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging."
{ }
"name" : "http://www.harmonysecurity.com/HS-A007.html", ]
"refsource" : "MISC", },
"url" : "http://www.harmonysecurity.com/HS-A007.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.wingate.com/news.php?id=50", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.wingate.com/news.php?id=50" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25272", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25272" ]
}, },
{ "references": {
"name" : "25303", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25303" "name": "http://www.harmonysecurity.com/HS-A007.html",
}, "refsource": "MISC",
{ "url": "http://www.harmonysecurity.com/HS-A007.html"
"name" : "ADV-2007-2859", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2859" "name": "http://www.wingate.com/news.php?id=50",
}, "refsource": "CONFIRM",
{ "url": "http://www.wingate.com/news.php?id=50"
"name" : "26412", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26412" "name": "3001",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3001"
"name" : "3001", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3001" "name": "25272",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25272"
"name" : "qbik-smtp-dos(35950)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950" "name": "25303",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/25303"
} },
} {
"name": "qbik-smtp-dos(35950)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35950"
},
{
"name": "20070810 [HS-A007] Qbik WinGate Remote Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476011/100/0/threaded"
},
{
"name": "26412",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26412"
},
{
"name": "ADV-2007-2859",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2859"
}
]
}
}

180
2007/4xxx/CVE-2007-4707.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4707", "ID": "CVE-2007-4707",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=307176", "description_data": [
"refsource" : "MISC", {
"url" : "http://docs.info.apple.com/article.html?artnum=307176" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in the Flash media handler in Apple QuickTime before 7.3.1 allow remote attackers to execute arbitrary code or have other unspecified impacts via a crafted QuickTime movie."
{ }
"name" : "APPLE-SA-2007-12-13", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26866", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26866" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-4217", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/4217" ]
}, },
{ "references": {
"name" : "1019099", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019099" "name": "ADV-2007-4217",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4217"
"name" : "28092", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28092" "name": "quicktime-flash-media-code-execution(39030)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39030"
"name" : "quicktime-flash-media-code-execution(39030)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39030" "name": "26866",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/26866"
} },
} {
"name": "http://docs.info.apple.com/article.html?artnum=307176",
"refsource": "MISC",
"url": "http://docs.info.apple.com/article.html?artnum=307176"
},
{
"name": "APPLE-SA-2007-12-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00000.html"
},
{
"name": "28092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28092"
},
{
"name": "1019099",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019099"
}
]
}
}

180
2014/5xxx/CVE-2014-5161.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5161", "ID": "CVE-2014-5161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2014-08.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2014-08.html" "lang": "eng",
}, "value": "The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet."
{ }
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=16f8ba1bed579344df373bf38fff552ab8baf380", ]
"refsource" : "CONFIRM", },
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=16f8ba1bed579344df373bf38fff552ab8baf380" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3002", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2014/dsa-3002" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2014:1221", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2014:1038", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html" "name": "openSUSE-SU-2014:1249",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html"
"name" : "openSUSE-SU-2014:1249", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html" "name": "SUSE-SU-2014:1221",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html"
"name" : "57593", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/57593" "name": "DSA-3002",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2014/dsa-3002"
} },
} {
"name": "openSUSE-SU-2014:1038",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2014-08.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2014-08.html"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=16f8ba1bed579344df373bf38fff552ab8baf380",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=16f8ba1bed579344df373bf38fff552ab8baf380"
},
{
"name": "57593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57593"
}
]
}
}

130
2014/5xxx/CVE-2014-5382.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5382", "ID": "CVE-2014-5382",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140710 SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Jul/40" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Schrack Technik microControl with firmware 1.7.0 (937) allow remote attackers to inject arbitrary web script or HTML via the position textbox in the configuration menu or other unspecified vectors."
{ }
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt", ]
"refsource" : "MISC", },
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140710 SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/40"
},
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140710-2_Schrack_Technik_Microcontrol_Multiple_critical_vulnerabilities_v10.txt"
}
]
}
}

34
2014/5xxx/CVE-2014-5486.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5486", "ID": "CVE-2014-5486",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/5xxx/CVE-2014-5545.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5545", "ID": "CVE-2014-5545",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Sprint jump (aka air.com.ilaz.appilas) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Sprint jump (aka air.com.ilaz.appilas) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#744769", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/744769" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#744769",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/744769"
}
]
}
}

140
2014/5xxx/CVE-2014-5801.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5801", "ID": "CVE-2014-5801",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DataGard VPN + AV (aka ocshield.com) application @7F050013 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The DataGard VPN + AV (aka ocshield.com) application @7F050013 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#220465", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/220465" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#220465",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/220465"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

190
2015/2xxx/CVE-2015-2156.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2156", "ID": "CVE-2015-2156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150516 Netty/Play's Security Updates (CVE-2015-2156)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/05/17/1" "lang": "eng",
}, "value": "Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters."
{ }
"name" : "https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass", ]
"refsource" : "MISC", },
"url" : "https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1222923", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1222923" ]
}, },
{ "references": {
"name" : "https://github.com/netty/netty/pull/3754", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/netty/netty/pull/3754" "name": "http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html",
}, "refsource": "CONFIRM",
{ "url": "http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html"
"name" : "FEDORA-2015-8684", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159166.html" "name": "https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass",
}, "refsource": "MISC",
{ "url": "https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass"
"name" : "FEDORA-2015-8713", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159379.html" "name": "FEDORA-2015-8713",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159379.html"
"name" : "74704", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74704" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1222923",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1222923"
} },
} {
"name": "https://github.com/netty/netty/pull/3754",
"refsource": "CONFIRM",
"url": "https://github.com/netty/netty/pull/3754"
},
{
"name": "FEDORA-2015-8684",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159166.html"
},
{
"name": "74704",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74704"
},
{
"name": "[oss-security] 20150516 Netty/Play's Security Updates (CVE-2015-2156)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/17/1"
}
]
}
}

34
2015/2xxx/CVE-2015-2457.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-2457", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-2457",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

140
2015/2xxx/CVE-2015-2493.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2493", "ID": "CVE-2015-2493",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) VBScript and (2) JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-094", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" "lang": "eng",
}, "value": "The (1) VBScript and (2) JScript engines in Microsoft Internet Explorer 8 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
{ }
"name" : "76575", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/76575" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033487", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033487" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "MS15-094",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
},
{
"name": "76575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76575"
},
{
"name": "1033487",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033487"
}
]
}
}

140
2015/2xxx/CVE-2015-2589.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-2589", "ID": "CVE-2015-2589",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to S10 Branded Zone."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availability via vectors related to S10 Branded Zone."
{ }
"name" : "75878", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75878" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032914", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032914" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032914",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032914"
},
{
"name": "75878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75878"
}
]
}
}

180
2015/2xxx/CVE-2015-2742.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-2742", "ID": "CVE-2015-2742",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-68.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-68.html" "lang": "eng",
}, "value": "Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of crashes, which allows remote attackers to obtain sensitive information by leveraging access to a crash-reporting data stream."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1138669", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1138669" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" ]
}, },
{ "references": {
"name" : "GLSA-201512-10", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201512-10" "name": "GLSA-201512-10",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201512-10"
"name" : "75541", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75541" "name": "75541",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/75541"
"name" : "1032783", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032783" "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-68.html",
} "refsource": "CONFIRM",
] "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-68.html"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138669",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1138669"
},
{
"name": "1032783",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032783"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}

34
2015/6xxx/CVE-2015-6437.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6437", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6437",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

170
2015/6xxx/CVE-2015-6545.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6545", "ID": "CVE-2015-6545",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150902 Cross-Site Request Forgery in Cerb", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/536376/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action."
{ }
"name" : "38074", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/38074/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.htbridge.com/advisory/HTB23269", "description": [
"refsource" : "MISC", {
"url" : "https://www.htbridge.com/advisory/HTB23269" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/133404/Cerb-7.0.3-Cross-Site-Request-Forgery.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/133404/Cerb-7.0.3-Cross-Site-Request-Forgery.html" ]
}, },
{ "references": {
"name" : "http://wiki.cerbweb.com/7.0#7.0.4", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://wiki.cerbweb.com/7.0#7.0.4" "name": "http://packetstormsecurity.com/files/133404/Cerb-7.0.3-Cross-Site-Request-Forgery.html",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/133404/Cerb-7.0.3-Cross-Site-Request-Forgery.html"
"name" : "https://github.com/wgm/cerb/commit/12de87ff9961a4f3ad2946c8f47dd0c260607144", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/wgm/cerb/commit/12de87ff9961a4f3ad2946c8f47dd0c260607144" "name": "https://github.com/wgm/cerb/commit/12de87ff9961a4f3ad2946c8f47dd0c260607144",
} "refsource": "CONFIRM",
] "url": "https://github.com/wgm/cerb/commit/12de87ff9961a4f3ad2946c8f47dd0c260607144"
} },
} {
"name": "20150902 Cross-Site Request Forgery in Cerb",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536376/100/0/threaded"
},
{
"name": "https://www.htbridge.com/advisory/HTB23269",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23269"
},
{
"name": "38074",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38074/"
},
{
"name": "http://wiki.cerbweb.com/7.0#7.0.4",
"refsource": "CONFIRM",
"url": "http://wiki.cerbweb.com/7.0#7.0.4"
}
]
}
}

260
2015/6xxx/CVE-2015-6855.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-6855", "ID": "CVE-2015-6855",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[Qemu-devel] 20150907 [PATCH] ide: fix ATAPI command permissions", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg02479.html" "lang": "eng",
}, "value": "hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash."
{ }
"name" : "[oss-security] 20150910 CVE request Qemu: ide: divide by zero issue", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/09/10/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20150910 Re: CVE request Qemu: ide: divide by zero issue", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/09/10/2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3361", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2015/dsa-3361" ]
}, },
{ "references": {
"name" : "DSA-3362", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3362" "name": "DSA-3361",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3361"
"name" : "FEDORA-2015-16368", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html" "name": "76691",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76691"
"name" : "FEDORA-2015-16369", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169036.html" "name": "FEDORA-2015-16369",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169036.html"
"name" : "FEDORA-2015-16370", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167369.html" "name": "FEDORA-2015-16370",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167369.html"
"name" : "FEDORA-2015-4896530727", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169327.html" "name": "FEDORA-2015-d6ea74993a",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169341.html"
"name" : "FEDORA-2015-8dc71ade88", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168602.html" "name": "[oss-security] 20150910 Re: CVE request Qemu: ide: divide by zero issue",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/09/10/2"
"name" : "FEDORA-2015-d6ea74993a", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169341.html" "name": "SUSE-SU-2015:1782",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html"
"name" : "GLSA-201602-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201602-01" "name": "[oss-security] 20150910 CVE request Qemu: ide: divide by zero issue",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/09/10/1"
"name" : "SUSE-SU-2015:1782", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html" "name": "FEDORA-2015-16368",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html"
"name" : "USN-2745-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2745-1" "name": "DSA-3362",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3362"
"name" : "76691", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76691" "name": "USN-2745-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2745-1"
} },
} {
"name": "FEDORA-2015-8dc71ade88",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168602.html"
},
{
"name": "[Qemu-devel] 20150907 [PATCH] ide: fix ATAPI command permissions",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg02479.html"
},
{
"name": "FEDORA-2015-4896530727",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169327.html"
},
{
"name": "GLSA-201602-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-01"
}
]
}
}

34
2015/7xxx/CVE-2015-7143.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7143", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-7143",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

170
2015/7xxx/CVE-2015-7984.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7984", "ID": "CVE-2015-7984",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38765", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38765/" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the authentication of administrators for requests that execute arbitrary (1) commands via the cmd parameter to admin/cmdshell.php, (2) SQL queries via the sql parameter to admin/sqlshell.php, or (3) PHP code via the php parameter to admin/phpshell.php."
{ }
"name" : "[announce] 20151021 [SECURITY] Horde 5.2.8 (final)", ]
"refsource" : "MLIST", },
"url" : "http://lists.horde.org/archives/announce/2015/001124.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[announce] 20151022 [SECURITY] Horde Groupware 5.2.11 (final)", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.horde.org/archives/announce/2015/001137.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[announce] 20151022 [SECURITY] Horde Groupware Webmail Edition 5.2.11 (final)", ]
"refsource" : "MLIST", }
"url" : "http://lists.horde.org/archives/announce/2015/001138.html" ]
}, },
{ "references": {
"name" : "https://www.htbridge.com/advisory/HTB23272", "reference_data": [
"refsource" : "MISC", {
"url" : "https://www.htbridge.com/advisory/HTB23272" "name": "[announce] 20151021 [SECURITY] Horde 5.2.8 (final)",
}, "refsource": "MLIST",
{ "url": "http://lists.horde.org/archives/announce/2015/001124.html"
"name" : "DSA-3391", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3391" "name": "[announce] 20151022 [SECURITY] Horde Groupware Webmail Edition 5.2.11 (final)",
} "refsource": "MLIST",
] "url": "http://lists.horde.org/archives/announce/2015/001138.html"
} },
} {
"name": "38765",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38765/"
},
{
"name": "DSA-3391",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3391"
},
{
"name": "[announce] 20151022 [SECURITY] Horde Groupware 5.2.11 (final)",
"refsource": "MLIST",
"url": "http://lists.horde.org/archives/announce/2015/001137.html"
},
{
"name": "https://www.htbridge.com/advisory/HTB23272",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23272"
}
]
}
}

130
2016/0xxx/CVE-2016-0150.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0150", "ID": "CVE-2016-0150",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via crafted HTTP 2.0 requests, aka \"HTTP.sys Denial of Service Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-049", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-049" "lang": "eng",
}, "value": "HTTP.sys in Microsoft Windows 10 Gold and 1511 allows remote attackers to cause a denial of service (system hang) via crafted HTTP 2.0 requests, aka \"HTTP.sys Denial of Service Vulnerability.\""
{ }
"name" : "1035546", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035546" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS16-049",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-049"
},
{
"name": "1035546",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035546"
}
]
}
}

160
2016/0xxx/CVE-2016-0226.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0226", "ID": "CVE-2016-0226",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-208/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-208/" "lang": "eng",
}, "value": "The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file."
{ }
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-209/", ]
"refsource" : "MISC", },
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-209/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-210/", "description": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-210/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21978598", ]
"refsource" : "CONFIRM", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21978598" ]
}, },
{ "references": {
"name" : "1035286", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035286" "name": "http://zerodayinitiative.com/advisories/ZDI-16-210/",
} "refsource": "MISC",
] "url": "http://zerodayinitiative.com/advisories/ZDI-16-210/"
} },
} {
"name": "http://zerodayinitiative.com/advisories/ZDI-16-209/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-209/"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21978598",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21978598"
},
{
"name": "1035286",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035286"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-16-208/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-208/"
}
]
}
}

120
2016/0xxx/CVE-2016-0390.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0390", "ID": "CVE-2016-0390",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Algorithmics Algo One Algo Risk Application (ARA) 4.9.1 through 5.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981321", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981321" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in IBM Algorithmics Algo One Algo Risk Application (ARA) 4.9.1 through 5.1.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981321",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981321"
}
]
}
}

130
2016/0xxx/CVE-2016-0889.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-0889", "ID": "CVE-2016-0889",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160414 ESA-2016-036: EMC Unisphere for VMAX Virtual Appliance Arbitrary File Upload Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2016/Apr/83" "lang": "eng",
}, "value": "An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname."
{ }
"name" : "1035580", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035580" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035580",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035580"
},
{
"name": "20160414 ESA-2016-036: EMC Unisphere for VMAX Virtual Appliance Arbitrary File Upload Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Apr/83"
}
]
}
}

140
2016/0xxx/CVE-2016-0937.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0937", "ID": "CVE-2016-0937",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-011", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-011" "lang": "eng",
}, "value": "Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034646", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034646" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://zerodayinitiative.com/advisories/ZDI-16-011",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-011"
},
{
"name": "1034646",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034646"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html"
}
]
}
}

190
2016/0xxx/CVE-2016-0991.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0991", "ID": "CVE-2016-0991",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000."
{ }
"name" : "GLSA-201603-07", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201603-07" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SU-2016:0715", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2016:0716", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:0719", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" "name": "openSUSE-SU-2016:0734",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
"name" : "openSUSE-SU-2016:0734", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" "name": "1035251",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035251"
"name" : "84312", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/84312" "name": "openSUSE-SU-2016:0719",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
"name" : "1035251", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035251" "name": "GLSA-201603-07",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201603-07"
} },
} {
"name": "SUSE-SU-2016:0715",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"name": "84312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84312"
},
{
"name": "SUSE-SU-2016:0716",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000242.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000242", "ID": "CVE-2016-1000242",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2016/4xxx/CVE-2016-4353.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-4353", "ID": "CVE-2016-4353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160429 CVE request: three issues in libksba", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/04/29/5" "lang": "eng",
}, "value": "ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data."
{ }
"name" : "[oss-security] 20160429 Re: CVE request: three issues in libksba", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/04/29/8" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201604-04", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201604-04" ]
}, },
{ "references": {
"name" : "USN-2982-1", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2982-1" "name": "USN-2982-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2982-1"
} },
} {
"name": "[oss-security] 20160429 CVE request: three issues in libksba",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/29/5"
},
{
"name": "[oss-security] 20160429 Re: CVE request: three issues in libksba",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/04/29/8"
},
{
"name": "GLSA-201604-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-04"
},
{
"name": "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a",
"refsource": "CONFIRM",
"url": "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commit;h=07116a314f4dcd4d96990bbd74db95a03a9f650a"
}
]
}
}

120
2016/4xxx/CVE-2016-4435.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-4435", "ID": "CVE-2016-4435",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cloud Foundry", "product_name": "Cloud Foundry",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "BOSH stemcell versions prior to 3232.6 and 3146.13" "version_value": "BOSH stemcell versions prior to 3232.6 and 3146.13"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Pivotal" "vendor_name": "Pivotal"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "DoS"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://pivotal.io/security/cve-2016-4435", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://pivotal.io/security/cve-2016-4435" "lang": "eng",
} "value": "An endpoint of the Agent running on the BOSH Director VM with stemcell versions prior to 3232.6 and 3146.13 may allow unauthenticated clients to read or write blobs or cause a denial of service attack on the Director VM. This vulnerability requires that the unauthenticated clients guess or find a URL matching an existing GUID."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://pivotal.io/security/cve-2016-4435",
"refsource": "CONFIRM",
"url": "https://pivotal.io/security/cve-2016-4435"
}
]
}
}

170
2016/4xxx/CVE-2016-4647.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4647", "ID": "CVE-2016-4647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-437/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-437/" "lang": "eng",
}, "value": "Audio in Apple OS X before 10.11.6 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted file."
{ }
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-438/", ]
"refsource" : "MISC", },
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-438/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT206903", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206903" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2016-07-18-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" ]
}, },
{ "references": {
"name" : "91824", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91824" "name": "91824",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/91824"
"name" : "1036348", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036348" "name": "APPLE-SA-2016-07-18-1",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
} },
} {
"name": "http://zerodayinitiative.com/advisories/ZDI-16-437/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-437/"
},
{
"name": "1036348",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036348"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-16-438/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-438/"
},
{
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206903"
}
]
}
}

160
2016/4xxx/CVE-2016-4709.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4709", "ID": "CVE-2016-4709",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage \"type confusion,\" a different vulnerability than CVE-2016-4710."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-609", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-609" "lang": "eng",
}, "value": "WindowServer in Apple OS X before 10.12 allows local users to obtain root access via vectors that leverage \"type confusion,\" a different vulnerability than CVE-2016-4710."
{ }
"name" : "https://support.apple.com/HT207170", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207170" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2016-09-20", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "93055", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/93055" ]
}, },
{ "references": {
"name" : "1036858", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036858" "name": "1036858",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1036858"
} },
} {
"name": "APPLE-SA-2016-09-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-609",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-609"
},
{
"name": "93055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93055"
},
{
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
}
]
}
}

34
2016/4xxx/CVE-2016-4940.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-4940", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-4940",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

130
2016/4xxx/CVE-2016-4947.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4947", "ID": "CVE-2016-4947",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate user accounts via a request to desktop/api/users/autocomplete."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf" "lang": "eng",
}, "value": "Cloudera HUE 3.9.0 and earlier allows remote attackers to enumerate user accounts via a request to desktop/api/users/autocomplete."
{ }
"name" : "93880", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93880" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf",
"refsource": "MISC",
"url": "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf"
},
{
"name": "93880",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93880"
}
]
}
}

130
2016/9xxx/CVE-2016-9819.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9819", "ID": "CVE-2016-9819",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer/", "description_data": [
"refsource" : "MISC", {
"url" : "https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer/" "lang": "eng",
}, "value": "libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value."
{ }
"name" : "94732", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94732" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94732",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94732"
},
{
"name": "https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer/",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2016/12/01/libav-multiple-crashes-from-the-undefined-behavior-sanitizer/"
}
]
}
}

142
2019/2xxx/CVE-2019-2495.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2495", "ID": "CVE-2019-2495",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.13 and prior" "version_value": "8.0.13 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20190118-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20190118-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "106625", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106625" "lang": "eng",
} "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "106625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106625"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190118-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
}
]
}
}

34
2019/3xxx/CVE-2019-3056.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3056", "ID": "CVE-2019-3056",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

152
2019/3xxx/CVE-2019-3463.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@debian.org", "ASSIGNER": "security@debian.org",
"DATE_PUBLIC" : "2019-02-06T00:00:00", "DATE_PUBLIC": "2019-02-06T00:00:00",
"ID" : "CVE-2019-3463", "ID": "CVE-2019-3463",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "rssh", "product_name": "rssh",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions before 2.3.4-5+deb9u2 and 2.3.4-10" "version_value": "All versions before 2.3.4-5+deb9u2 and 2.3.4-10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Debian GNU/Linux" "vendor_name": "Debian GNU/Linux"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incomplete sanitization of passed arguments"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20190206 [SECURITY] [DLA 1660-1] rssh security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00007.html" "lang": "eng",
}, "value": "Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands."
{ }
"name" : "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/", ]
"refsource" : "MISC", },
"url" : "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-4382", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2019/dsa-4382" "lang": "eng",
}, "value": "Incomplete sanitization of passed arguments"
{ }
"name" : "106839", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/106839" ]
} },
] "references": {
} "reference_data": [
} {
"name": "DSA-4382",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4382"
},
{
"name": "[debian-lts-announce] 20190206 [SECURITY] [DLA 1660-1] rssh security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00007.html"
},
{
"name": "106839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106839"
},
{
"name": "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/",
"refsource": "MISC",
"url": "https://tracker.debian.org/news/1026713/accepted-rssh-234-5deb9u2-source-amd64-into-stable-embargoed-stable/"
}
]
}
}

34
2019/3xxx/CVE-2019-3644.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3644", "ID": "CVE-2019-3644",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2019/3xxx/CVE-2019-3820.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psampaio@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2019-3820", "ID": "CVE-2019-3820",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "gnome-shell", "product_name": "gnome-shell",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "since 3.15.91" "version_value": "since 3.15.91"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Gnome Project" "vendor_name": "The Gnome Project"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "4.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-285"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", "description_data": [
"refsource" : "MISC", {
"url" : "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851" "lang": "eng",
}, "value": "It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820" "impact": {
} "cvss": [
] [
} {
} "vectorString": "4.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820"
},
{
"name": "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851",
"refsource": "MISC",
"url": "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851"
}
]
}
}

34
2019/4xxx/CVE-2019-4688.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4688", "ID": "CVE-2019-4688",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6530.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6530", "ID": "CVE-2019-6530",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6959.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6959", "ID": "CVE-2019-6959",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/6xxx/CVE-2019-6991.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6991", "ID": "CVE-2019-6991",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ZoneMinder/zoneminder/issues/2478", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/ZoneMinder/zoneminder/issues/2478" "lang": "eng",
}, "value": "A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username."
{ }
"name" : "https://github.com/ZoneMinder/zoneminder/pull/2482", ]
"refsource" : "MISC", },
"url" : "https://github.com/ZoneMinder/zoneminder/pull/2482" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ZoneMinder/zoneminder/pull/2482",
"refsource": "MISC",
"url": "https://github.com/ZoneMinder/zoneminder/pull/2482"
},
{
"name": "https://github.com/ZoneMinder/zoneminder/issues/2478",
"refsource": "MISC",
"url": "https://github.com/ZoneMinder/zoneminder/issues/2478"
}
]
}
}

34
2019/7xxx/CVE-2019-7062.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7062", "ID": "CVE-2019-7062",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7158.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7158", "ID": "CVE-2019-7158",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7167.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7167", "ID": "CVE-2019-7167",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7442.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7442", "ID": "CVE-2019-7442",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7778.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7778", "ID": "CVE-2019-7778",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8004.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8004", "ID": "CVE-2019-8004",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8416.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8416", "ID": "CVE-2019-8416",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8456.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8456", "ID": "CVE-2019-8456",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8922.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8922", "ID": "CVE-2019-8922",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/8xxx/CVE-2019-8983.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8983", "ID": "CVE-2019-8983",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/" "lang": "eng",
} "value": "MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2)."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/",
"refsource": "MISC",
"url": "https://www.altn.com/Support/SecurityUpdate/MD021519_MDaemon_EN/"
}
]
}
}

34
2019/9xxx/CVE-2019-9167.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9167", "ID": "CVE-2019-9167",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }