admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:47:57 +00:00
parent b5ca9b29e0
commit 418cd84eb4
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
76 changed files with 5186 additions and 5186 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

470
2007/0xxx/CVE-2007-0242.json
View File

@ -1,237 +1,237 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0242", "ID": "CVE-2007-0242",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.nabble.com/Bug-417390:-CVE-2007-0242,--Qt-UTF-8-overlong-sequence-decoding-vulnerability-t3506065.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.nabble.com/Bug-417390:-CVE-2007-0242,--Qt-UTF-8-overlong-sequence-decoding-vulnerability-t3506065.html" "lang": "eng",
}, "value": "The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences that decode to dangerous metacharacters."
{ }
"name" : "http://www.trolltech.com/company/newsroom/announcements/press.2007-03-30.9172215350", ]
"refsource" : "CONFIRM", },
"url" : "http://www.trolltech.com/company/newsroom/announcements/press.2007-03-30.9172215350" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.novell.com/techcenter/psdb/39ea4b325a7da742cb8b6995fa585b14.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.novell.com/techcenter/psdb/39ea4b325a7da742cb8b6995fa585b14.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.novell.com/techcenter/psdb/fc79b7f48d739f9c803a24ddad933384.html", ]
"refsource" : "CONFIRM", }
"url" : "http://support.novell.com/techcenter/psdb/fc79b7f48d739f9c803a24ddad933384.html" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-1202", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1202" "name": "http://support.novell.com/techcenter/psdb/39ea4b325a7da742cb8b6995fa585b14.html",
}, "refsource": "CONFIRM",
{ "url": "http://support.novell.com/techcenter/psdb/39ea4b325a7da742cb8b6995fa585b14.html"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm" "name": "qt-utf8-xss(33397)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33397"
"name" : "DSA-1292", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1292" "name": "24699",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24699"
"name" : "FEDORA-2007-703", },
"refsource" : "FEDORA", {
"url" : "http://fedoranews.org/updates/FEDORA-2007-703.shtml" "name": "RHSA-2007:0909",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0909.html"
"name" : "MDKSA-2007:074", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:074" "name": "MDKSA-2007:074",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:074"
"name" : "MDKSA-2007:075", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:075" "name": "https://issues.rpath.com/browse/RPL-1202",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1202"
"name" : "MDKSA-2007:076", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:076" "name": "MDKSA-2007:076",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:076"
"name" : "RHSA-2007:0909", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0909.html" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm"
"name" : "RHSA-2007:0883", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0883.html" "name": "24889",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24889"
"name" : "RHSA-2011:1324", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2011-1324.html" "name": "27275",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27275"
"name" : "20070901-01-P", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc" "name": "24727",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24727"
"name" : "SSA:2007-093-03", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.348591" "name": "26857",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26857"
"name" : "SUSE-SR:2007:006", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_6_sr.html" "name": "http://www.trolltech.com/company/newsroom/announcements/press.2007-03-30.9172215350",
}, "refsource": "CONFIRM",
{ "url": "http://www.trolltech.com/company/newsroom/announcements/press.2007-03-30.9172215350"
"name" : "USN-452-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-452-1" "name": "SUSE-SR:2007:006",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html"
"name" : "23269", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23269" "name": "http://www.nabble.com/Bug-417390:-CVE-2007-0242,--Qt-UTF-8-overlong-sequence-decoding-vulnerability-t3506065.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.nabble.com/Bug-417390:-CVE-2007-0242,--Qt-UTF-8-overlong-sequence-decoding-vulnerability-t3506065.html"
"name" : "oval:org.mitre.oval:def:11510", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11510" "name": "DSA-1292",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1292"
"name" : "46117", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46117" "name": "24847",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24847"
"name" : "ADV-2007-1212", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1212" "name": "24705",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24705"
"name" : "24727", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24727" "name": "RHSA-2011:1324",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2011-1324.html"
"name" : "24699", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24699" "name": "23269",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23269"
"name" : "24705", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24705" "name": "46117",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/46117"
"name" : "24726", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24726" "name": "27108",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27108"
"name" : "24847", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24847" "name": "24759",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24759"
"name" : "24797", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24797" "name": "USN-452-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-452-1"
"name" : "24889", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24889" "name": "24726",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24726"
"name" : "24759", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24759" "name": "20070901-01-P",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc"
"name" : "25263", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25263" "name": "ADV-2007-1212",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1212"
"name" : "26857", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26857" "name": "25263",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25263"
"name" : "26804", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26804" "name": "26804",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26804"
"name" : "27108", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27108" "name": "FEDORA-2007-703",
}, "refsource": "FEDORA",
{ "url": "http://fedoranews.org/updates/FEDORA-2007-703.shtml"
"name" : "27275", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27275" "name": "oval:org.mitre.oval:def:11510",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11510"
"name" : "qt-utf8-xss(33397)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33397" "name": "RHSA-2007:0883",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2007-0883.html"
} },
} {
"name": "SSA:2007-093-03",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.348591"
},
{
"name": "MDKSA-2007:075",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:075"
},
{
"name": "http://support.novell.com/techcenter/psdb/fc79b7f48d739f9c803a24ddad933384.html",
"refsource": "CONFIRM",
"url": "http://support.novell.com/techcenter/psdb/fc79b7f48d739f9c803a24ddad933384.html"
},
{
"name": "24797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24797"
}
]
}
}

160
2007/0xxx/CVE-2007-0951.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0951", "ID": "CVE-2007-0951",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to execute arbitrary SQL commands via the cat parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070213 Fullaspsite Shop (tr) Xss & SqL İnj. VulnZ.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/459979/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to execute arbitrary SQL commands via the cat parameter."
{ }
"name" : "22545", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22545" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33721", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33721" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2250", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2250" ]
}, },
{ "references": {
"name" : "fullaspsite-listmain-sql-injection(32470)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32470" "name": "fullaspsite-listmain-sql-injection(32470)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32470"
} },
} {
"name": "20070213 Fullaspsite Shop (tr) Xss & SqL İnj. VulnZ.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/459979/100/0/threaded"
},
{
"name": "22545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22545"
},
{
"name": "2250",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2250"
},
{
"name": "33721",
"refsource": "OSVDB",
"url": "http://osvdb.org/33721"
}
]
}
}

170
2007/2xxx/CVE-2007-2651.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2651", "ID": "CVE-2007-2651",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service (connection loss) or possibly execute arbitrary code via a (1) DNS name response of the exact length as a buffer; or a long (2) channel name, (3) partyline channel name, or unspecified vectors in crafted BOTNET packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=497807&group_id=116847", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=497807&group_id=116847" "lang": "eng",
}, "value": "Multiple off-by-one errors in VooDoo cIRCle before 1.1.beta27 allow remote attackers to cause a denial of service (connection loss) or possibly execute arbitrary code via a (1) DNS name response of the exact length as a buffer; or a long (2) channel name, (3) partyline channel name, or unspecified vectors in crafted BOTNET packets."
{ }
"name" : "23929", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23929" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1756", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1756" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "41985", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/41985" ]
}, },
{ "references": {
"name" : "41986", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41986" "name": "41985",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41985"
"name" : "voodoocircle-ssl-dos(34229)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34229" "name": "41986",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/41986"
} },
} {
"name": "voodoocircle-ssl-dos(34229)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34229"
},
{
"name": "ADV-2007-1756",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1756"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=497807&group_id=116847",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=497807&group_id=116847"
},
{
"name": "23929",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23929"
}
]
}
}

180
2007/3xxx/CVE-2007-3281.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3281", "ID": "CVE-2007-3281",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in Php Hosting Biller 1.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070618 PHP hosting Biller", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471642/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in index.php in Php Hosting Biller 1.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO."
{ }
"name" : "24517", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24517" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2248", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2248" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36374", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36374" ]
}, },
{ "references": {
"name" : "25681", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25681" "name": "20070618 PHP hosting Biller",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/471642/100/0/threaded"
"name" : "2811", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2811" "name": "2811",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2811"
"name" : "phphostingbiller-index-xss(34941)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34941" "name": "ADV-2007-2248",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/2248"
} },
} {
"name": "phphostingbiller-index-xss(34941)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34941"
},
{
"name": "25681",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25681"
},
{
"name": "24517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24517"
},
{
"name": "36374",
"refsource": "OSVDB",
"url": "http://osvdb.org/36374"
}
]
}
}

1050
2007/3xxx/CVE-2007-3387.json
View File

File diff suppressed because it is too large Load Diff

170
2007/3xxx/CVE-2007-3430.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3430", "ID": "CVE-2007-3430",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4098", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4098" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in Simple Invoices 2007 05 25 allows remote attackers to execute arbitrary SQL commands via the submit parameter in an email action."
{ }
"name" : "24601", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24601" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2310", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2310" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36293", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36293" ]
}, },
{ "references": {
"name" : "25789", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25789" "name": "simpleinvoices-index-sql-injection(35021)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35021"
"name" : "simpleinvoices-index-sql-injection(35021)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35021" "name": "25789",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25789"
} },
} {
"name": "ADV-2007-2310",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2310"
},
{
"name": "4098",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4098"
},
{
"name": "36293",
"refsource": "OSVDB",
"url": "http://osvdb.org/36293"
},
{
"name": "24601",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24601"
}
]
}
}

190
2007/3xxx/CVE-2007-3744.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3744", "ID": "CVE-2007-3744",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070807 Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=573" "lang": "eng",
}, "value": "Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet."
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=306172", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.info.apple.com/article.html?artnum=306172" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2007-07-31", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25159", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25159" ]
}, },
{ "references": {
"name" : "ADV-2007-2732", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2732" "name": "ADV-2007-2732",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2732"
"name" : "1018488", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018488" "name": "macos-mdnsresponder-bo(35733)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35733"
"name" : "26235", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26235" "name": "APPLE-SA-2007-07-31",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html"
"name" : "macos-mdnsresponder-bo(35733)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35733" "name": "1018488",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1018488"
} },
} {
"name": "http://docs.info.apple.com/article.html?artnum=306172",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=306172"
},
{
"name": "25159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25159"
},
{
"name": "20070807 Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=573"
},
{
"name": "26235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26235"
}
]
}
}

34
2007/3xxx/CVE-2007-3879.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3879", "ID": "CVE-2007-3879",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2007/3xxx/CVE-2007-3964.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3964", "ID": "CVE-2007-3964",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Itaka before 0.2.1, when using Authentication mode, allows remote attackers to bypass authentication and obtain sensitive information by downloading screenshots via a direct request for /screenshot."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.jardinpresente.com.ar/trac/itaka/ticket/20", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.jardinpresente.com.ar/trac/itaka/ticket/20" "lang": "eng",
}, "value": "Itaka before 0.2.1, when using Authentication mode, allows remote attackers to bypass authentication and obtain sensitive information by downloading screenshots via a direct request for /screenshot."
{ }
"name" : "24985", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24985" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38278", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38278" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26146", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/26146" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.jardinpresente.com.ar/trac/itaka/ticket/20",
"refsource": "CONFIRM",
"url": "http://www.jardinpresente.com.ar/trac/itaka/ticket/20"
},
{
"name": "26146",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26146"
},
{
"name": "38278",
"refsource": "OSVDB",
"url": "http://osvdb.org/38278"
},
{
"name": "24985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24985"
}
]
}
}

200
2007/4xxx/CVE-2007-4077.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4077", "ID": "CVE-2007-4077",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to inject arbitrary web script or HTML via the (1) msg, (2) page, (3) viewkey, or (4) viewtype parameter to (a) view_video.php; the (5) next parameter to (b) signup.php; the (6) search_id parameter to (c) search_result.php; the (7) category or (8) page parameter to (d) video.php; the (9) receiver parameter to (e) compose.php; the (10) catgy parameter to (f) groups.php; the (11) channelname parameter to (g) siteadmin/channels.php; or the (12) uname parameter to (h) siteadmin/muser.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Video Share Enterprise allow remote attackers to inject arbitrary web script or HTML via the (1) msg, (2) page, (3) viewkey, or (4) viewtype parameter to (a) view_video.php; the (5) next parameter to (b) signup.php; the (6) search_id parameter to (c) search_result.php; the (7) category or (8) page parameter to (d) video.php; the (9) receiver parameter to (e) compose.php; the (10) catgy parameter to (f) groups.php; the (11) channelname parameter to (g) siteadmin/channels.php; or the (12) uname parameter to (h) siteadmin/muser.php."
{ }
"name" : "37277", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/37277" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37278", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37278" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37279", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37279" ]
}, },
{ "references": {
"name" : "37280", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37280" "name": "37283",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37283"
"name" : "37281", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37281" "name": "37278",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37278"
"name" : "37282", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37282" "name": "37284",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37284"
"name" : "37283", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37283" "name": "37281",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37281"
"name" : "37284", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37284" "name": "37282",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/37282"
} },
} {
"name": "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html",
"refsource": "MISC",
"url": "http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html"
},
{
"name": "37279",
"refsource": "OSVDB",
"url": "http://osvdb.org/37279"
},
{
"name": "37277",
"refsource": "OSVDB",
"url": "http://osvdb.org/37277"
},
{
"name": "37280",
"refsource": "OSVDB",
"url": "http://osvdb.org/37280"
}
]
}
}

160
2007/4xxx/CVE-2007-4180.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4180", "ID": "CVE-2007-4180",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to read arbitrary local files via a .. (dot dot) in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argument when invoking fputs, which cannot be used to read files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070802 Pluck 4.3 themes.php Remote File Inclusion and disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/475323/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when register_globals is enabled, allows remote attackers to read arbitrary local files via a .. (dot dot) in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argument when invoking fputs, which cannot be used to read files."
{ }
"name" : "http://outlaw.aria-security.info/?p=12", ]
"refsource" : "MISC", },
"url" : "http://outlaw.aria-security.info/?p=12" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070802 False: Pluck 4.3 themes.php Remote File Inclusion and disclosure", "description": [
"refsource" : "VIM", {
"url" : "http://www.attrition.org/pipermail/vim/2007-August/001752.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2973", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2973" ]
}, },
{ "references": {
"name" : "pluck-theme-directory-traversal(35757)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35757" "name": "pluck-theme-directory-traversal(35757)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35757"
} },
} {
"name": "2973",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2973"
},
{
"name": "20070802 False: Pluck 4.3 themes.php Remote File Inclusion and disclosure",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-August/001752.html"
},
{
"name": "20070802 Pluck 4.3 themes.php Remote File Inclusion and disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475323/100/0/threaded"
},
{
"name": "http://outlaw.aria-security.info/?p=12",
"refsource": "MISC",
"url": "http://outlaw.aria-security.info/?p=12"
}
]
}
}

220
2007/4xxx/CVE-2007-4429.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4429", "ID": "CVE-2007-4429",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Skype allows remote attackers to cause a denial of service (server hang) via unknown vectors related to sending long URIs, as claimed to be actively exploited on 20070817 using a \"call to a specific number.\" NOTE: this identifier is for the en.securitylab.ru disclosure. According to the vendor, this issue is separate from the \"sign-on issues\" that reduced Skype service on 20070817, which appears to be a site-specific problem. As of 20070821, it is not clear whether this issue is simply a symptom of the larger sign-on problem."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070817 Skype Network Remote DoS Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/476942/100/0/threaded" "lang": "eng",
}, "value": "Unspecified vulnerability in Skype allows remote attackers to cause a denial of service (server hang) via unknown vectors related to sending long URIs, as claimed to be actively exploited on 20070817 using a \"call to a specific number.\" NOTE: this identifier is for the en.securitylab.ru disclosure. According to the vendor, this issue is separate from the \"sign-on issues\" that reduced Skype service on 20070817, which appears to be a site-specific problem. As of 20070821, it is not clear whether this issue is simply a symptom of the larger sign-on problem."
{ }
"name" : "20070820 RE: Skype Network Remote DoS Exploit", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/477178/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070820 Re: Skype Network Remote DoS Exploit", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/477156/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20070820 Re[2]: Skype Network Remote DoS Exploit", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/477240/100/0/threaded" ]
}, },
{ "references": {
"name" : "http://en.securitylab.ru/poc/301420.php", "reference_data": [
"refsource" : "MISC", {
"url" : "http://en.securitylab.ru/poc/301420.php" "name": "20070820 Re: Skype Network Remote DoS Exploit",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/477156/100/0/threaded"
"name" : "http://en.securitylab.ru/poc/extra/301419.php", },
"refsource" : "MISC", {
"url" : "http://en.securitylab.ru/poc/extra/301419.php" "name": "20070820 Re[2]: Skype Network Remote DoS Exploit",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/477240/100/0/threaded"
"name" : "http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html", },
"refsource" : "MISC", {
"url" : "http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html" "name": "3032",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3032"
"name" : "http://heartbeat.skype.com/2007/08/where_we_are_at_1100_gmt.html", },
"refsource" : "MISC", {
"url" : "http://heartbeat.skype.com/2007/08/where_we_are_at_1100_gmt.html" "name": "http://en.securitylab.ru/poc/extra/301419.php",
}, "refsource": "MISC",
{ "url": "http://en.securitylab.ru/poc/extra/301419.php"
"name" : "http://www.securitylab.ru/news/301422.php", },
"refsource" : "MISC", {
"url" : "http://www.securitylab.ru/news/301422.php" "name": "http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html",
}, "refsource": "MISC",
{ "url": "http://heartbeat.skype.com/2007/08/what_happened_on_august_16.html"
"name" : "http://blogs.csoonline.com/the_skype_mystery_why_blame_the_august_windows_updates", },
"refsource" : "MISC", {
"url" : "http://blogs.csoonline.com/the_skype_mystery_why_blame_the_august_windows_updates" "name": "http://blogs.csoonline.com/the_skype_mystery_why_blame_the_august_windows_updates",
}, "refsource": "MISC",
{ "url": "http://blogs.csoonline.com/the_skype_mystery_why_blame_the_august_windows_updates"
"name" : "3032", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3032" "name": "http://www.securitylab.ru/news/301422.php",
} "refsource": "MISC",
] "url": "http://www.securitylab.ru/news/301422.php"
} },
} {
"name": "http://heartbeat.skype.com/2007/08/where_we_are_at_1100_gmt.html",
"refsource": "MISC",
"url": "http://heartbeat.skype.com/2007/08/where_we_are_at_1100_gmt.html"
},
{
"name": "http://en.securitylab.ru/poc/301420.php",
"refsource": "MISC",
"url": "http://en.securitylab.ru/poc/301420.php"
},
{
"name": "20070820 RE: Skype Network Remote DoS Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477178/100/0/threaded"
},
{
"name": "20070817 Skype Network Remote DoS Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476942/100/0/threaded"
}
]
}
}

130
2007/4xxx/CVE-2007-4527.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4527", "ID": "CVE-2007-4527",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in phUploader.php in phphq.Net phUploader 1.2 allows remote attackers to upload and execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "25405", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25405" "lang": "eng",
}, "value": "Unrestricted file upload vulnerability in phUploader.php in phphq.Net phUploader 1.2 allows remote attackers to upload and execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "45829", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/45829" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25405",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25405"
},
{
"name": "45829",
"refsource": "OSVDB",
"url": "http://osvdb.org/45829"
}
]
}
}

190
2007/4xxx/CVE-2007-4678.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4678", "ID": "CVE-2007-4678",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=307041", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307041" "lang": "eng",
}, "value": "AppleRAID in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows attackers to cause a denial of service (crash) via a crafted striped disk image, which triggers a NULL pointer dereference when it is mounted."
{ }
"name" : "APPLE-SA-2007-11-14", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-319A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26444", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26444" ]
}, },
{ "references": {
"name" : "ADV-2007-3868", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3868" "name": "1018950",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018950"
"name" : "1018950", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018950" "name": "26444",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26444"
"name" : "27643", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27643" "name": "APPLE-SA-2007-11-14",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
"name" : "macosx-appleraid-striped-dos(38461)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38461" "name": "http://docs.info.apple.com/article.html?artnum=307041",
} "refsource": "CONFIRM",
] "url": "http://docs.info.apple.com/article.html?artnum=307041"
} },
} {
"name": "ADV-2007-3868",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name": "27643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27643"
},
{
"name": "TA07-319A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
},
{
"name": "macosx-appleraid-striped-dos(38461)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38461"
}
]
}
}

190
2007/4xxx/CVE-2007-4725.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4725", "ID": "CVE-2007-4725",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=535160&group_id=14481", "description_data": [
"refsource" : "MISC", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=535160&group_id=14481" "lang": "eng",
}, "value": "Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow."
{ }
"name" : "http://akky.cjb.net/security/7-zip3.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://akky.cjb.net/security/7-zip3.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVN#62868899", "description": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2362868899/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25545", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25545" ]
}, },
{ "references": {
"name" : "ADV-2007-3086", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3086" "name": "26624",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26624"
"name" : "40482", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/40482" "name": "JVN#62868899",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2362868899/index.html"
"name" : "26624", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26624" "name": "25545",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25545"
"name" : "akkywarehouse-zip-bo(36459)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36459" "name": "http://sourceforge.net/project/shownotes.php?release_id=535160&group_id=14481",
} "refsource": "MISC",
] "url": "http://sourceforge.net/project/shownotes.php?release_id=535160&group_id=14481"
} },
} {
"name": "40482",
"refsource": "OSVDB",
"url": "http://osvdb.org/40482"
},
{
"name": "http://akky.cjb.net/security/7-zip3.txt",
"refsource": "CONFIRM",
"url": "http://akky.cjb.net/security/7-zip3.txt"
},
{
"name": "ADV-2007-3086",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3086"
},
{
"name": "akkywarehouse-zip-bo(36459)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36459"
}
]
}
}

190
2007/4xxx/CVE-2007-4737.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4737", "ID": "CVE-2007-4737",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the STPHPLIB_DIR parameter to (1) stphpapplication.php, (2) stphpbtnimage.php, or (3) stphpform.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4358", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4358" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the STPHPLIB_DIR parameter to (1) stphpapplication.php, (2) stphpbtnimage.php, or (3) stphpform.php."
{ }
"name" : "25525", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25525" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3092", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3092" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38929", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38929" ]
}, },
{ "references": {
"name" : "38930", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38930" "name": "38929",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38929"
"name" : "38931", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38931" "name": "38930",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38930"
"name" : "26658", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26658" "name": "4358",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4358"
"name" : "speedtech-stphplibdir-file-include(36416)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36416" "name": "25525",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/25525"
} },
} {
"name": "speedtech-stphplibdir-file-include(36416)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36416"
},
{
"name": "38931",
"refsource": "OSVDB",
"url": "http://osvdb.org/38931"
},
{
"name": "ADV-2007-3092",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3092"
},
{
"name": "26658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26658"
}
]
}
}

330
2007/6xxx/CVE-2007-6020.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2007-6020", "ID": "CVE-2007-6020",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490829/100/0/threaded" "lang": "eng",
}, "value": "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
{ }
"name" : "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/490831/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490830/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/490827/100/0/threaded" ]
}, },
{ "references": {
"name" : "http://secunia.com/secunia_research/2007-104/advisory/", "reference_data": [
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-104/advisory/" "name": "28140",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28140"
"name" : "http://secunia.com/secunia_research/2007-105/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-105/advisory/" "name": "http://secunia.com/secunia_research/2007-106/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2007-106/advisory/"
"name" : "http://secunia.com/secunia_research/2007-106/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-106/advisory/" "name": "29342",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29342"
"name" : "http://secunia.com/secunia_research/2007-107/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-107/advisory/" "name": "27763",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27763"
"name" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453", },
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453" "name": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
"name" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html" "name": "28209",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28209"
"name" : "28454", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28454" "name": "ADV-2008-1156",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1156"
"name" : "ADV-2008-1153", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1153" "name": "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
"name" : "ADV-2008-1154", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1154" "name": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453",
}, "refsource": "CONFIRM",
{ "url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453"
"name" : "ADV-2008-1156", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1156" "name": "28454",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/28454"
"name" : "1019805", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1019805" "name": "http://secunia.com/secunia_research/2007-105/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2007-105/advisory/"
"name" : "1019841", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019841" "name": "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
"name" : "27763", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27763" "name": "28210",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28210"
"name" : "28140", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28140" "name": "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
"name" : "28209", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28209" "name": "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
"name" : "28210", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28210" "name": "autonomy-keyview-foliosr-bo(41716)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
"name" : "29342", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29342" "name": "ADV-2008-1154",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1154"
"name" : "autonomy-keyview-foliosr-bo(41716)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716" "name": "1019841",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1019841"
} },
} {
"name": "1019805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1153"
},
{
"name": "http://secunia.com/secunia_research/2007-104/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-104/advisory/"
},
{
"name": "http://secunia.com/secunia_research/2007-107/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-107/advisory/"
}
]
}
}

250
2007/6xxx/CVE-2007-6110.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6110", "ID": "CVE-2007-6110",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/mailarchive/forum.php?thread_name=200709251310.55835.mskibbe%40suse.de&forum_name=htdig-dev", "description_data": [
"refsource" : "MISC", {
"url" : "http://sourceforge.net/mailarchive/forum.php?thread_name=200709251310.55835.mskibbe%40suse.de&forum_name=htdig-dev" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter."
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453278", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453278" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1429", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1429" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2007-757", ]
"refsource" : "FEDORA", }
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00116.html" ]
}, },
{ "references": {
"name" : "RHSA-2007:1095", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1095.html" "name": "27965",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27965"
"name" : "SUSE-SR:2007:025", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_25_sr.html" "name": "oval:org.mitre.oval:def:11515",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11515"
"name" : "26610", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26610" "name": "1019010",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1019010"
"name" : "oval:org.mitre.oval:def:11515", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11515" "name": "27850",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27850"
"name" : "ADV-2007-4038", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4038" "name": "SUSE-SR:2007:025",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
"name" : "1019010", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1019010" "name": "ADV-2007-4038",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4038"
"name" : "27850", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27850" "name": "RHSA-2007:1095",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-1095.html"
"name" : "27890", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27890" "name": "26610",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26610"
"name" : "28062", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28062" "name": "27890",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27890"
"name" : "27965", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27965" "name": "28062",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/28062"
} },
} {
"name": "http://sourceforge.net/mailarchive/forum.php?thread_name=200709251310.55835.mskibbe%40suse.de&forum_name=htdig-dev",
"refsource": "MISC",
"url": "http://sourceforge.net/mailarchive/forum.php?thread_name=200709251310.55835.mskibbe%40suse.de&forum_name=htdig-dev"
},
{
"name": "FEDORA-2007-757",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00116.html"
},
{
"name": "DSA-1429",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1429"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453278",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453278"
}
]
}
}

190
2007/6xxx/CVE-2007-6480.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6480", "ID": "CVE-2007-6480",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "103152", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103152-1" "lang": "eng",
}, "value": "The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code."
{ }
"name" : "201508", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201508-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26948", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26948" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-4268", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/4268" ]
}, },
{ "references": {
"name" : "39563", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39563" "name": "28151",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28151"
"name" : "1019119", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019119" "name": "1019119",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1019119"
"name" : "28151", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28151" "name": "103152",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103152-1"
"name" : "sunmc-smcorau-unauthorized-access(39137)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39137" "name": "201508",
} "refsource": "SUNALERT",
] "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201508-1"
} },
} {
"name": "26948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26948"
},
{
"name": "sunmc-smcorau-unauthorized-access(39137)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39137"
},
{
"name": "39563",
"refsource": "OSVDB",
"url": "http://osvdb.org/39563"
},
{
"name": "ADV-2007-4268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4268"
}
]
}
}

210
2007/6xxx/CVE-2007-6548.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6548", "ID": "CVE-2007-6548",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple direct static code injection vulnerabilities in RunCMS before 1.6.1 allow remote authenticated administrators to inject arbitrary PHP code via the (1) header and (2) footer parameters to modules/system/admin.php in a meta-generator action, (3) the disclaimer parameter to modules/system/admin.php in a disclaimer action, (4) the disclaimer parameter to modules/mydownloads/admin/index.php in a mydownloadsConfigAdmin action, (5) the disclaimer parameter to modules/newbb_plus/admin/forum_config.php, (6) the disclaimer parameter to modules/mylinks/admin/index.php in a myLinksConfigAdmin action, or (7) the intro parameter to modules/sections/admin/index.php in a secconfig action, which inject PHP sequences into (a) sections/cache/intro.php, (b) mylinks/cache/disclaimer.php, (c) mydownloads/cache/disclaimer.php, (d) newbb_plus/cache/disclaimer.php, (e) system/cache/disclaimer.php, (f) system/cache/footer.php, (g) system/cache/header.php, or (h) system/cache/maintenance.php in modules/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071225 Multiple vulnerabilities in RUNCMS 1.6 by DSecRG", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/485512/100/0/threaded" "lang": "eng",
}, "value": "Multiple direct static code injection vulnerabilities in RunCMS before 1.6.1 allow remote authenticated administrators to inject arbitrary PHP code via the (1) header and (2) footer parameters to modules/system/admin.php in a meta-generator action, (3) the disclaimer parameter to modules/system/admin.php in a disclaimer action, (4) the disclaimer parameter to modules/mydownloads/admin/index.php in a mydownloadsConfigAdmin action, (5) the disclaimer parameter to modules/newbb_plus/admin/forum_config.php, (6) the disclaimer parameter to modules/mylinks/admin/index.php in a myLinksConfigAdmin action, or (7) the intro parameter to modules/sections/admin/index.php in a secconfig action, which inject PHP sequences into (a) sections/cache/intro.php, (b) mylinks/cache/disclaimer.php, (c) mydownloads/cache/disclaimer.php, (d) newbb_plus/cache/disclaimer.php, (e) system/cache/disclaimer.php, (f) system/cache/footer.php, (g) system/cache/header.php, or (h) system/cache/maintenance.php in modules/."
{ }
"name" : "4790", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/4790" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27019", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/27019" ]
}, },
{ "references": {
"name" : "41247", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41247" "name": "41250",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41250"
"name" : "41248", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41248" "name": "41251",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41251"
"name" : "41249", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41249" "name": "41249",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41249"
"name" : "41250", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41250" "name": "41248",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41248"
"name" : "41251", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41251" "name": "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131",
}, "refsource": "CONFIRM",
{ "url": "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131"
"name" : "3493", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3493" "name": "4790",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/4790"
} },
} {
"name": "41247",
"refsource": "OSVDB",
"url": "http://osvdb.org/41247"
},
{
"name": "27019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27019"
},
{
"name": "3493",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3493"
},
{
"name": "20071225 Multiple vulnerabilities in RUNCMS 1.6 by DSecRG",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485512/100/0/threaded"
}
]
}
}

170
2010/1xxx/CVE-2010-1382.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-1382", "ID": "CVE-2010-1382",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4188", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4188" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows remote authenticated users to inject arbitrary web script or HTML via crafted Wiki content, related to lack of a charset field."
{ }
"name" : "APPLE-SA-2010-06-15-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40871", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40871" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1024103", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1024103" ]
}, },
{ "references": {
"name" : "40220", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40220" "name": "APPLE-SA-2010-06-15-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
"name" : "ADV-2010-1481", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1481" "name": "ADV-2010-1481",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2010/1481"
} },
} {
"name": "40871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40871"
},
{
"name": "1024103",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024103"
},
{
"name": "http://support.apple.com/kb/HT4188",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4188"
},
{
"name": "40220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40220"
}
]
}
}

34
2014/0xxx/CVE-2014-0352.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-0352", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-0352",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2216. Reason: This candidate is a reservation duplicate of CVE-2014-2216. Notes: All CVE users should reference CVE-2014-2216 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2216. Reason: This candidate is a reservation duplicate of CVE-2014-2216. Notes: All CVE users should reference CVE-2014-2216 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

150
2014/1xxx/CVE-2014-1317.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1317", "ID": "CVE-2014-1317",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6296", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6296" "lang": "eng",
}, "value": "iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which allows local users to obtain sensitive information by reading this file."
{ }
"name" : "APPLE-SA-2014-06-30-2", ]
"refsource" : "APPLE", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030505", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030505" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "59475", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/59475" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://support.apple.com/kb/HT6296",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6296"
},
{
"name": "1030505",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030505"
},
{
"name": "APPLE-SA-2014-06-30-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html"
},
{
"name": "59475",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59475"
}
]
}
}

170
2014/1xxx/CVE-2014-1670.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1670", "ID": "CVE-2014-1670",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install arbitrary APK files via vectors involving a crafted DNS response."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://blog.trustlook.com/2014/01/23/trustlook-reported-microsofts-first-ever-android-vulnerability/", "description_data": [
"refsource" : "MISC", {
"url" : "http://blog.trustlook.com/2014/01/23/trustlook-reported-microsofts-first-ever-android-vulnerability/" "lang": "eng",
}, "value": "The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install arbitrary APK files via vectors involving a crafted DNS response."
{ }
"name" : "http://www.youtube.com/watch?v=_j1RKtTxZ3k", ]
"refsource" : "MISC", },
"url" : "http://www.youtube.com/watch?v=_j1RKtTxZ3k" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://play.google.com/store/apps/details?id=com.microsoft.bing", "description": [
"refsource" : "MISC", {
"url" : "https://play.google.com/store/apps/details?id=com.microsoft.bing" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "65128", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/65128" ]
}, },
{ "references": {
"name" : "102575", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/102575" "name": "http://blog.trustlook.com/2014/01/23/trustlook-reported-microsofts-first-ever-android-vulnerability/",
}, "refsource": "MISC",
{ "url": "http://blog.trustlook.com/2014/01/23/trustlook-reported-microsofts-first-ever-android-vulnerability/"
"name" : "ms-bing-cve20141670-code-exec(90977)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90977" "name": "http://www.youtube.com/watch?v=_j1RKtTxZ3k",
} "refsource": "MISC",
] "url": "http://www.youtube.com/watch?v=_j1RKtTxZ3k"
} },
} {
"name": "102575",
"refsource": "OSVDB",
"url": "http://osvdb.org/102575"
},
{
"name": "ms-bing-cve20141670-code-exec(90977)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90977"
},
{
"name": "65128",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65128"
},
{
"name": "https://play.google.com/store/apps/details?id=com.microsoft.bing",
"refsource": "MISC",
"url": "https://play.google.com/store/apps/details?id=com.microsoft.bing"
}
]
}
}

170
2014/1xxx/CVE-2014-1829.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1829", "ID": "CVE-2014-1829",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108" "lang": "eng",
}, "value": "Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request."
{ }
"name" : "https://github.com/kennethreitz/requests/issues/1885", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/kennethreitz/requests/issues/1885" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://advisories.mageia.org/MGASA-2014-0409.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://advisories.mageia.org/MGASA-2014-0409.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3146", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2015/dsa-3146" ]
}, },
{ "references": {
"name" : "MDVSA-2015:133", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133" "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733108"
"name" : "USN-2382-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2382-1" "name": "MDVSA-2015:133",
} "refsource": "MANDRIVA",
] "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:133"
} },
} {
"name": "USN-2382-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2382-1"
},
{
"name": "https://github.com/kennethreitz/requests/issues/1885",
"refsource": "CONFIRM",
"url": "https://github.com/kennethreitz/requests/issues/1885"
},
{
"name": "DSA-3146",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3146"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0409.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0409.html"
}
]
}
}

120
2014/5xxx/CVE-2014-5068.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5068", "ID": "CVE-2014-5068",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\\ (dot dot forward slash) before a file name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5068/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5068/" "lang": "eng",
} "value": "Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\\ (dot dot forward slash) before a file name."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5068/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5068/"
}
]
}
}

170
2014/5xxx/CVE-2014-5211.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5211", "ID": "CVE-2014-5211",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FTP servers to execute arbitrary code via a large PWD response."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-008/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-008/" "lang": "eng",
}, "value": "Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FTP servers to execute arbitrary code via a large PWD response."
{ }
"name" : "http://support.attachmate.com/techdocs/1708.html", ]
"refsource" : "CONFIRM", },
"url" : "http://support.attachmate.com/techdocs/1708.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.attachmate.com/techdocs/2288.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.attachmate.com/techdocs/2288.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.attachmate.com/techdocs/2501.html", ]
"refsource" : "CONFIRM", }
"url" : "http://support.attachmate.com/techdocs/2501.html" ]
}, },
{ "references": {
"name" : "http://support.attachmate.com/techdocs/2502.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.attachmate.com/techdocs/2502.html" "name": "http://support.attachmate.com/techdocs/1708.html",
}, "refsource": "CONFIRM",
{ "url": "http://support.attachmate.com/techdocs/1708.html"
"name" : "62467", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62467" "name": "http://support.attachmate.com/techdocs/2501.html",
} "refsource": "CONFIRM",
] "url": "http://support.attachmate.com/techdocs/2501.html"
} },
} {
"name": "http://support.attachmate.com/techdocs/2502.html",
"refsource": "CONFIRM",
"url": "http://support.attachmate.com/techdocs/2502.html"
},
{
"name": "62467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62467"
},
{
"name": "http://support.attachmate.com/techdocs/2288.html",
"refsource": "CONFIRM",
"url": "http://support.attachmate.com/techdocs/2288.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-008/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-008/"
}
]
}
}

120
2014/5xxx/CVE-2014-5405.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-5405", "ID": "CVE-2014-5405",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03" "lang": "eng",
} "value": "Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03"
}
]
}
}

140
2014/5xxx/CVE-2014-5555.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5555", "ID": "CVE-2014-5555",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Counting & Addition Kids Games (aka air.com.tribalnova.ilearnwith.ipad.PokoAddEn) application 1.8.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Counting & Addition Kids Games (aka air.com.tribalnova.ilearnwith.ipad.PokoAddEn) application 1.8.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#409577", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/409577" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#409577",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/409577"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5985.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5985", "ID": "CVE-2014-5985",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Animal Kaiser Zangetsu (aka com.wAnimalKaiserZangetsu) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#566921", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/566921" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#566921",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/566921"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

150
2015/2xxx/CVE-2015-2507.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2507", "ID": "CVE-2015-2507",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka \"Font Driver Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2512."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38279", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38279/" "lang": "eng",
}, "value": "The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka \"Font Driver Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2512."
{ }
"name" : "MS15-097", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76591", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76591" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033485", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033485" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1033485",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033485"
},
{
"name": "76591",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76591"
},
{
"name": "MS15-097",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097"
},
{
"name": "38279",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38279/"
}
]
}
}

34
2015/2xxx/CVE-2015-2537.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-2537", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-2537",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

120
2015/2xxx/CVE-2015-2915.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-2915", "ID": "CVE-2015-2915",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote attackers to obtain web-management access by leveraging the ability to authenticate from the intranet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#906576", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/906576" "lang": "eng",
} "value": "Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote attackers to obtain web-management access by leveraging the ability to authenticate from the intranet."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#906576",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/906576"
}
]
}
}

140
2015/2xxx/CVE-2015-2990.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-2990", "ID": "CVE-2015-2990",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.desknets.com/neo/support/mainte/2590/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.desknets.com/neo/support/mainte/2590/" "lang": "eng",
}, "value": "Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter."
{ }
"name" : "JVN#09283606", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN09283606/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2015-000122", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000122" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2015-000122",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000122"
},
{
"name": "JVN#09283606",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN09283606/index.html"
},
{
"name": "http://www.desknets.com/neo/support/mainte/2590/",
"refsource": "CONFIRM",
"url": "http://www.desknets.com/neo/support/mainte/2590/"
}
]
}
}

130
2015/6xxx/CVE-2015-6113.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6113", "ID": "CVE-2015-6113",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesystem permissions by leveraging Low Integrity access, aka \"Windows Kernel Security Feature Bypass Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-115", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-115" "lang": "eng",
}, "value": "The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesystem permissions by leveraging Low Integrity access, aka \"Windows Kernel Security Feature Bypass Vulnerability.\""
{ }
"name" : "1034114", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034114" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-115",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-115"
},
{
"name": "1034114",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034114"
}
]
}
}

140
2015/6xxx/CVE-2015-6401.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6401", "ID": "CVE-2015-6401",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "39904", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39904/" "lang": "eng",
}, "value": "Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941."
{ }
"name" : "20151208 Cisco Wireless Residential Unauthorized Command Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-cwr" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034347", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034347" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "39904",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39904/"
},
{
"name": "20151208 Cisco Wireless Residential Unauthorized Command Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-cwr"
},
{
"name": "1034347",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034347"
}
]
}
}

140
2015/6xxx/CVE-2015-6965.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6965", "ID": "CVE-2015-6965",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a form, (6) delete a form, (7) create a template, (8) update a template, (9) delete a template, or (10) conduct cross-site scripting (XSS) attacks via a crafted request to the cfg_forms page in wp-admin/admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38086", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38086/" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) create a field, (2) update a field, (3) delete a field, (4) create a form, (5) update a form, (6) delete a form, (7) create a template, (8) update a template, (9) delete a template, or (10) conduct cross-site scripting (XSS) attacks via a crafted request to the cfg_forms page in wp-admin/admin.php."
{ }
"name" : "http://packetstormsecurity.com/files/133463/WordPress-Contact-Form-Generator-2.0.1-CSRF.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/133463/WordPress-Contact-Form-Generator-2.0.1-CSRF.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://wpvulndb.com/vulnerabilities/8176", "description": [
"refsource" : "MISC", {
"url" : "https://wpvulndb.com/vulnerabilities/8176" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://wpvulndb.com/vulnerabilities/8176",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/8176"
},
{
"name": "http://packetstormsecurity.com/files/133463/WordPress-Contact-Form-Generator-2.0.1-CSRF.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133463/WordPress-Contact-Form-Generator-2.0.1-CSRF.html"
},
{
"name": "38086",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38086/"
}
]
}
}

140
2016/0xxx/CVE-2016-0909.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-0909", "ID": "CVE-2016-0909",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "EMC Avamar Data Store (ADS) versions 7.3.0 and older, Avamar Virtual Edition (AVE) versions 7.3.0 and older", "product_name": "EMC Avamar Data Store (ADS) versions 7.3.0 and older, Avamar Virtual Edition (AVE) versions 7.3.0 and older",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "EMC Avamar Data Store (ADS) versions 7.3.0 and older, Avamar Virtual Edition (AVE) versions 7.3.0 and older" "version_value": "EMC Avamar Data Store (ADS) versions 7.3.0 and older, Avamar Virtual Edition (AVE) versions 7.3.0 and older"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Privilege Management"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securityfocus.com/archive/1/539613", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.securityfocus.com/archive/1/539613" "lang": "eng",
}, "value": "EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users."
{ }
"name" : "93788", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93788" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037066", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037066" "lang": "eng",
} "value": "Improper Privilege Management"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1037066",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037066"
},
{
"name": "http://www.securityfocus.com/archive/1/539613",
"refsource": "CONFIRM",
"url": "http://www.securityfocus.com/archive/1/539613"
},
{
"name": "93788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93788"
}
]
}
}

130
2016/1000xxx/CVE-2016-1000112.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000112", "ID": "CVE-2016-1000112",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vapidlabs.com/advisory.php?v=163", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.vapidlabs.com/advisory.php?v=163" "lang": "eng",
}, "value": "Unauthenticated remote .jpg file upload in contus-video-comments v1.0 wordpress plugin"
{ }
"name" : "93967", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93967" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93967"
},
{
"name": "http://www.vapidlabs.com/advisory.php?v=163",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/advisory.php?v=163"
}
]
}
}

132
2016/10xxx/CVE-2016-10451.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2016-10451", "ID": "CVE-2016-10451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, privilege escalation may occur due to inherently insecure treatment of local files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Arbitrary command execution due to privilege escalation in mobileap_v2"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, privilege escalation may occur due to inherently insecure treatment of local files."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Arbitrary command execution due to privilege escalation in mobileap_v2"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

122
2016/10xxx/CVE-2016-10576.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10576", "ID": "CVE-2016-10576",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "fuseki node module", "product_name": "fuseki node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "<1.0.1" "version_value": "<1.0.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Fuseki server wrapper and management API in fuseki before 1.0.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/278", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/278" "lang": "eng",
} "value": "Fuseki server wrapper and management API in fuseki before 1.0.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/278",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/278"
}
]
}
}

122
2016/10xxx/CVE-2016-10659.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10659", "ID": "CVE-2016-10659",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "poco node module", "product_name": "poco node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "poco - The POCO libraries, downloads source file resources used for compilation over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/271", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/271" "lang": "eng",
} "value": "poco - The POCO libraries, downloads source file resources used for compilation over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/271",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/271"
}
]
}
}

180
2016/4xxx/CVE-2016-4085.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4085", "ID": "CVE-2016-4085",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2016-28.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2016-28.html" "lang": "eng",
}, "value": "Stack-based buffer overflow in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.12.x before 1.12.11 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long string in a packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99efcb0f5aeeb4b2179e88c7a4233022aaeecf0b", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99efcb0f5aeeb4b2179e88c7a4233022aaeecf0b" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" ]
}, },
{ "references": {
"name" : "DSA-3585", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3585" "name": "http://www.wireshark.org/security/wnpa-sec-2016-28.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.wireshark.org/security/wnpa-sec-2016-28.html"
"name" : "87467", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/87467" "name": "1035685",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035685"
"name" : "1035685", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035685" "name": "DSA-3585",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3585"
} },
} {
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99efcb0f5aeeb4b2179e88c7a4233022aaeecf0b",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=99efcb0f5aeeb4b2179e88c7a4233022aaeecf0b"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12293"
},
{
"name": "87467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/87467"
}
]
}
}

140
2016/4xxx/CVE-2016-4268.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4268", "ID": "CVE-2016-4268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, and CVE-2016-4270."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-492", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-492" "lang": "eng",
}, "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, CVE-2016-4254, CVE-2016-4265, CVE-2016-4266, CVE-2016-4267, CVE-2016-4269, and CVE-2016-4270."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92643", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92643" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-492",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-492"
},
{
"name": "92643",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92643"
}
]
}
}

34
2016/4xxx/CVE-2016-4308.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4308", "ID": "CVE-2016-4308",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

250
2016/4xxx/CVE-2016-4463.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-4463", "ID": "CVE-2016-4463",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160629 CVE-2016-4463: Apache Xerces-C XML Parser Crashes on Malformed DTD", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/538784/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD."
{ }
"name" : "http://packetstormsecurity.com/files/137714/Apache-Xerces-C-XML-Parser-Crash.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/137714/Apache-Xerces-C-XML-Parser-Crash.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://issues.apache.org/jira/browse/XERCESC-2069", "description": [
"refsource" : "CONFIRM", {
"url" : "https://issues.apache.org/jira/browse/XERCESC-2069" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10510&version=12336069", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10510&version=12336069" ]
}, },
{ "references": {
"name" : "http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "name": "https://issues.apache.org/jira/browse/XERCESC-2069",
}, "refsource": "CONFIRM",
{ "url": "https://issues.apache.org/jira/browse/XERCESC-2069"
"name" : "DSA-3610", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2016/dsa-3610" "name": "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10510&version=12336069",
}, "refsource": "CONFIRM",
{ "url": "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10510&version=12336069"
"name" : "RHSA-2018:3335", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3335" "name": "RHSA-2018:3335",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3335"
"name" : "RHSA-2018:3506", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3506" "name": "DSA-3610",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2016/dsa-3610"
"name" : "RHSA-2018:3514", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3514" "name": "1036211",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036211"
"name" : "openSUSE-SU-2016:2232", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html" "name": "openSUSE-SU-2016:2232",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html"
"name" : "openSUSE-SU-2016:1808", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html" "name": "RHSA-2018:3506",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3506"
"name" : "91501", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91501" "name": "RHSA-2018:3514",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3514"
"name" : "1036211", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036211" "name": "91501",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/91501"
} },
} {
"name": "http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt",
"refsource": "CONFIRM",
"url": "http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt"
},
{
"name": "20160629 CVE-2016-4463: Apache Xerces-C XML Parser Crashes on Malformed DTD",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538784/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/137714/Apache-Xerces-C-XML-Parser-Crash.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137714/Apache-Xerces-C-XML-Parser-Crash.html"
},
{
"name": "openSUSE-SU-2016:1808",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html"
}
]
}
}

130
2016/4xxx/CVE-2016-4533.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-4533", "ID": "CVE-2016-4533",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-01" "lang": "eng",
}, "value": "Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file."
{ }
"name" : "91522", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91522" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91522",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91522"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-189-01"
}
]
}
}

34
2016/4xxx/CVE-2016-4942.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4942", "ID": "CVE-2016-4942",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2016/8xxx/CVE-2016-8652.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-8652", "ID": "CVE-2016-8652",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[dovecot-news] 20161203 v2.2.27 released", "description_data": [
"refsource" : "MLIST", {
"url" : "http://dovecot.org/pipermail/dovecot-news/2016-December/000333.html" "lang": "eng",
}, "value": "The auth component in Dovecot before 2.2.27, when auth-policy is configured, allows a remote attackers to cause a denial of service (crash) by aborting authentication without setting a username."
{ }
"name" : "[oss-security] 20161202 Important vulnerability in Dovecot (CVE-2016-8652)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/12/02/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20161205 Re: Important vulnerability in Dovecot (CVE-2016-8652)", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/12/05/12" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "94639", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94639" ]
} },
] "references": {
} "reference_data": [
} {
"name": "94639",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94639"
},
{
"name": "[oss-security] 20161202 Important vulnerability in Dovecot (CVE-2016-8652)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/02/4"
},
{
"name": "[dovecot-news] 20161203 v2.2.27 released",
"refsource": "MLIST",
"url": "http://dovecot.org/pipermail/dovecot-news/2016-December/000333.html"
},
{
"name": "[oss-security] 20161205 Re: Important vulnerability in Dovecot (CVE-2016-8652)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/12"
}
]
}
}

34
2016/8xxx/CVE-2016-8839.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-8839", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-8839",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

150
2016/9xxx/CVE-2016-9160.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "productcert@siemens.com", "ASSIGNER": "productcert@siemens.com",
"ID" : "CVE-2016-9160", "ID": "CVE-2016-9160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)", "product_name": "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)" "version_value": "SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-111: Direct Use of Unsafe JNI"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04" "lang": "eng",
}, "value": "A vulnerability in SIEMENS SIMATIC WinCC (All versions < SIMATIC WinCC V7.2) and SIEMENS SIMATIC PCS 7 (All versions < SIMATIC PCS 7 V8.0 SP1) could allow a remote attacker to crash an ActiveX component or leak parts of the application memory if a user is tricked into clicking on a malicious link under certain conditions."
{ }
"name" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf", ]
"refsource" : "CONFIRM", },
"url" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94825", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94825" "lang": "eng",
}, "value": "CWE-111: Direct Use of Unsafe JNI"
{ }
"name" : "1037435", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1037435" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-693129.pdf"
},
{
"name": "1037435",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037435"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-348-04"
},
{
"name": "94825",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94825"
}
]
}
}

140
2016/9xxx/CVE-2016-9216.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-9216", "ID": "CVE-2016-9216",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco ASR 5000 Software", "product_name": "Cisco ASR 5000 Software",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco ASR 5000 Software" "version_value": "Cisco ASR 5000 Software"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More Information: CSCuy06917 CSCuy45036 CSCuy59525. Known Affected Releases: 20.0.0 20.0.M0.62842 20.0.v0 20.0.M0.63229 20.1.0 20.1.a0 20.1.v0 21.0.0 21.0.v0. Known Fixed Releases: 20.0.0 20.0.0.63250 20.0.M0.63148 20.0.R0.63294 20.0.R0.63316 20.0.V0.63170 20.0.VG0.63188 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.A0.63166 20.2.A0.63174 20.1.A0.63232 20.2.A0.63237 20.0.M0.63226 20.0.M0.63229 20.0.R0.63294 20.0.R0.63316 20.0.V0.63263 20.0.VG0.63233 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.0 20.1.0.63959 20.1.M0.63876 20.1.T0.63886 20.1.V0.64231 20.1.VA0.64194 20.1.VB0.64210 20.1.a0 20.1.a0.64023 20.1.v0 20.1.v0.64607 20.2.A0.63895 21.0.0 21.0.0.65256 21.0.M0.63881 21.0.M0.64281 21.0.PP0.64366 21.0.V0.65052 21.0.v0 21.0.v0.65831 21.0.vb0.65887 21.1.R0.65130 21.1.R0.65135."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "unspecified"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-asr", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-asr" "lang": "eng",
}, "value": "An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More Information: CSCuy06917 CSCuy45036 CSCuy59525. Known Affected Releases: 20.0.0 20.0.M0.62842 20.0.v0 20.0.M0.63229 20.1.0 20.1.a0 20.1.v0 21.0.0 21.0.v0. Known Fixed Releases: 20.0.0 20.0.0.63250 20.0.M0.63148 20.0.R0.63294 20.0.R0.63316 20.0.V0.63170 20.0.VG0.63188 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.A0.63166 20.2.A0.63174 20.1.A0.63232 20.2.A0.63237 20.0.M0.63226 20.0.M0.63229 20.0.R0.63294 20.0.R0.63316 20.0.V0.63263 20.0.VG0.63233 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.0 20.1.0.63959 20.1.M0.63876 20.1.T0.63886 20.1.V0.64231 20.1.VA0.64194 20.1.VB0.64210 20.1.a0 20.1.a0.64023 20.1.v0 20.1.v0.64607 20.2.A0.63895 21.0.0 21.0.0.65256 21.0.M0.63881 21.0.M0.64281 21.0.PP0.64366 21.0.V0.65052 21.0.v0 21.0.v0.65831 21.0.vb0.65887 21.1.R0.65130 21.1.R0.65135."
{ }
"name" : "95629", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95629" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037652", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037652" "lang": "eng",
} "value": "unspecified"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1037652",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037652"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-asr",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-asr"
},
{
"name": "95629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95629"
}
]
}
}

160
2016/9xxx/CVE-2016-9381.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9381", "ID": "CVE-2016-9381",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a \"double fetch\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://xenbits.xen.org/xsa/advisory-197.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://xenbits.xen.org/xsa/advisory-197.html" "lang": "eng",
}, "value": "Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a \"double fetch\" vulnerability."
{ }
"name" : "https://support.citrix.com/article/CTX218775", ]
"refsource" : "CONFIRM", },
"url" : "https://support.citrix.com/article/CTX218775" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201612-56", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-56" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "94476", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94476" ]
}, },
{ "references": {
"name" : "1037344", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037344" "name": "http://xenbits.xen.org/xsa/advisory-197.html",
} "refsource": "CONFIRM",
] "url": "http://xenbits.xen.org/xsa/advisory-197.html"
} },
} {
"name": "GLSA-201612-56",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-56"
},
{
"name": "94476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94476"
},
{
"name": "https://support.citrix.com/article/CTX218775",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX218775"
},
{
"name": "1037344",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037344"
}
]
}
}

248
2016/9xxx/CVE-2016-9733.json
View File

@ -1,126 +1,126 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-06-30T00:00:00", "DATE_PUBLIC": "2017-06-30T00:00:00",
"ID" : "CVE-2016-9733", "ID": "CVE-2016-9733",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Rational Team Concert", "product_name": "Rational Team Concert",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.0" "version_value": "4.0"
}, },
{ {
"version_value" : "4.0.1" "version_value": "4.0.1"
}, },
{ {
"version_value" : "4.0.0.1" "version_value": "4.0.0.1"
}, },
{ {
"version_value" : "4.0.0.2" "version_value": "4.0.0.2"
}, },
{ {
"version_value" : "4.0.2" "version_value": "4.0.2"
}, },
{ {
"version_value" : "4.0.3" "version_value": "4.0.3"
}, },
{ {
"version_value" : "4.0.4" "version_value": "4.0.4"
}, },
{ {
"version_value" : "4.0.5" "version_value": "4.0.5"
}, },
{ {
"version_value" : "4.0.6" "version_value": "4.0.6"
}, },
{ {
"version_value" : "5.0" "version_value": "5.0"
}, },
{ {
"version_value" : "4.0.7" "version_value": "4.0.7"
}, },
{ {
"version_value" : "5.0.2" "version_value": "5.0.2"
}, },
{ {
"version_value" : "5.0.1" "version_value": "5.0.1"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "6.0.1" "version_value": "6.0.1"
}, },
{ {
"version_value" : "6.0.2" "version_value": "6.0.2"
}, },
{ {
"version_value" : "6.0.3" "version_value": "6.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119762."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119762", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/119762" "lang": "eng",
}, "value": "IBM Team Concert (RTC) 4.0, 5.0 and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119762."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22004611", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22004611" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "99352", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99352" "lang": "eng",
}, "value": "Cross-Site Scripting"
{ }
"name" : "1038912", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1038912" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119762",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/119762"
},
{
"name": "99352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99352"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22004611",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004611"
},
{
"name": "1038912",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038912"
}
]
}
}

202
2016/9xxx/CVE-2016-9737.json
View File

@ -1,103 +1,103 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-9737", "ID": "CVE-2016-9737",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "TRIRIGA Application Platform", "product_name": "TRIRIGA Application Platform",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.2" "version_value": "3.2"
}, },
{ {
"version_value" : "3.2.1" "version_value": "3.2.1"
}, },
{ {
"version_value" : "3.1" "version_value": "3.1"
}, },
{ {
"version_value" : "3.0" "version_value": "3.0"
}, },
{ {
"version_value" : "3.3" "version_value": "3.3"
}, },
{ {
"version_value" : "3.3.1" "version_value": "3.3.1"
}, },
{ {
"version_value" : "3.3.2" "version_value": "3.3.2"
}, },
{ {
"version_value" : "3.4" "version_value": "3.4"
}, },
{ {
"version_value" : "3.4.1" "version_value": "3.4.1"
}, },
{ {
"version_value" : "3.4.2" "version_value": "3.4.2"
}, },
{ {
"version_value" : "3.5" "version_value": "3.5"
}, },
{ {
"version_value" : "3.5.1" "version_value": "3.5.1"
}, },
{ {
"version_value" : "3.5.2" "version_value": "3.5.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1996200."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21996200", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21996200" "lang": "eng",
}, "value": "IBM TRIRIGA 3.3, 3.4, and 3.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1996200."
{ }
"name" : "97064", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97064" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21996200",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21996200"
},
{
"name": "97064",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97064"
}
]
}
}

34
2016/9xxx/CVE-2016-9780.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9780", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9780",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2100.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2100", "ID": "CVE-2019-2100",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2276.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2276", "ID": "CVE-2019-2276",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2302.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2302", "ID": "CVE-2019-2302",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2975.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2975", "ID": "CVE-2019-2975",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2976.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2976", "ID": "CVE-2019-2976",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3197.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3197", "ID": "CVE-2019-3197",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3561.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3561", "ID": "CVE-2019-3561",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3895.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3895", "ID": "CVE-2019-3895",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3975.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3975", "ID": "CVE-2019-3975",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3992.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3992", "ID": "CVE-2019-3992",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6056.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6056", "ID": "CVE-2019-6056",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6192.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6192", "ID": "CVE-2019-6192",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6709.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6709", "ID": "CVE-2019-6709",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7103.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7103", "ID": "CVE-2019-7103",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7192.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7192", "ID": "CVE-2019-7192",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7225.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7225", "ID": "CVE-2019-7225",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7285.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7285", "ID": "CVE-2019-7285",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7866.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7866", "ID": "CVE-2019-7866",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8166.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8166", "ID": "CVE-2019-8166",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2019/8xxx/CVE-2019-8269.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vulnerability@kaspersky.com", "ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2019-03-01T00:00:00", "DATE_PUBLIC": "2019-03-01T00:00:00",
"ID" : "CVE-2019-8269", "ID": "CVE-2019-8269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UltraVNC", "product_name": "UltraVNC",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.2.2.3" "version_value": "1.2.2.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kaspersky Lab" "vendor_name": "Kaspersky Lab"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-121: Stack-based Buffer Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/" "lang": "eng",
} "value": "UltraVNC revision 1206 has stack-based Buffer overflow vulnerability in VNC client code inside FileTransfer module, which leads to a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1207."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-016-ultravnc-stack-based-buffer-overflow/"
}
]
}
}