admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:40:10 +00:00
parent 71b9863365
commit 46109de1ce
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3259 additions and 3259 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2007/2xxx/CVE-2007-2712.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2712",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2712",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in MH Software Connect Daily before 3.3.3 has unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mhsoftware.com/changelog.html",
"refsource" : "CONFIRM",
"url" : "http://www.mhsoftware.com/changelog.html"
"name": "25240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25240"
},
{
"name" : "23968",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23968"
"name": "http://www.mhsoftware.com/changelog.html",
"refsource": "CONFIRM",
"url": "http://www.mhsoftware.com/changelog.html"
},
{
"name" : "ADV-2007-1788",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1788"
"name": "34782",
"refsource": "OSVDB",
"url": "http://osvdb.org/34782"
},
{
"name" : "34782",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34782"
"name": "ADV-2007-1788",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1788"
},
{
"name" : "25240",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25240"
"name": "connectdaily-unspecified(34262)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34262"
},
{
"name" : "connectdaily-unspecified(34262)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34262"
"name": "23968",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23968"
}
]
}

110
2007/2xxx/CVE-2007-2718.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2718",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2718",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the WebMail system in Stalker CommuniGate Pro 5.1.8 and earlier, when using Microsoft Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via crafted STYLE tags."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070512 CommuniGate Pro web mail persistent cross-site scripting vulnerability",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=117900749209206&w=2"
"name": "1018048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018048"
},
{
"name" : "http://www.communigate.com/CommuniGatePro/History51.html",
"refsource" : "MISC",
"url" : "http://www.communigate.com/CommuniGatePro/History51.html"
"name": "36017",
"refsource": "OSVDB",
"url": "http://osvdb.org/36017"
},
{
"name" : "http://www.scanit.be/advisory-2007-05-12.html",
"refsource" : "MISC",
"url" : "http://www.scanit.be/advisory-2007-05-12.html"
"name": "25250",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25250"
},
{
"name" : "23950",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23950"
"name": "ADV-2007-1795",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1795"
},
{
"name" : "ADV-2007-1795",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1795"
"name": "http://www.scanit.be/advisory-2007-05-12.html",
"refsource": "MISC",
"url": "http://www.scanit.be/advisory-2007-05-12.html"
},
{
"name" : "36017",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36017"
"name": "communigate-mail-xss(34266)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34266"
},
{
"name" : "1018048",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018048"
"name": "http://www.communigate.com/CommuniGatePro/History51.html",
"refsource": "MISC",
"url": "http://www.communigate.com/CommuniGatePro/History51.html"
},
{
"name" : "25250",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25250"
"name": "20070512 CommuniGate Pro web mail persistent cross-site scripting vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=117900749209206&w=2"
},
{
"name" : "communigate-mail-xss(34266)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34266"
"name": "23950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23950"
}
]
}

86
2007/2xxx/CVE-2007-2725.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-2725",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2725",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote attackers to overwrite arbitrary files via the SaveToFile function."
"lang": "eng",
"value": "The DB Software Laboratory DeWizardX (DEWizardAX.ocx) ActiveX control allows remote attackers to overwrite arbitrary files via the SaveToFile function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://moaxb.blogspot.com/2007/05/moaxb-15-db-software-laboratory.html",
"refsource" : "MISC",
"url" : "http://moaxb.blogspot.com/2007/05/moaxb-15-db-software-laboratory.html"
"name": "36023",
"refsource": "OSVDB",
"url": "http://osvdb.org/36023"
},
{
"name" : "http://shinnai.altervista.org/viewtopic.php?id=42&t_id=17",
"refsource" : "MISC",
"url" : "http://shinnai.altervista.org/viewtopic.php?id=42&t_id=17"
"name": "http://moaxb.blogspot.com/2007/05/moaxb-15-db-software-laboratory.html",
"refsource": "MISC",
"url": "http://moaxb.blogspot.com/2007/05/moaxb-15-db-software-laboratory.html"
},
{
"name" : "23986",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23986"
"name": "dbsoftware-dewizardax-file-overwrite(34304)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34304"
},
{
"name" : "36023",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36023"
"name": "23986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23986"
},
{
"name" : "dbsoftware-dewizardax-file-overwrite(34304)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34304"
"name": "http://shinnai.altervista.org/viewtopic.php?id=42&t_id=17",
"refsource": "MISC",
"url": "http://shinnai.altervista.org/viewtopic.php?id=42&t_id=17"
}
]
}

98
2007/3xxx/CVE-2007-3792.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3792",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3792",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/."
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in AzDG Dating Gold 3.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the int_path parameter to (1) header.php, (2) footer.php, or (3) secure.admin.php in templates/."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070713 AzDG Dating Gold v3.0.5 ===> Remote File Include Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/473664/100/0/threaded"
"name": "36263",
"refsource": "OSVDB",
"url": "http://osvdb.org/36263"
},
{
"name" : "24910",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24910"
"name": "20070713 AzDG Dating Gold v3.0.5 ===> Remote File Include Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473664/100/0/threaded"
},
{
"name" : "36262",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36262"
"name": "36262",
"refsource": "OSVDB",
"url": "http://osvdb.org/36262"
},
{
"name" : "36263",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36263"
"name": "azdgdating-intpath-file-include(35428)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35428"
},
{
"name" : "36264",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36264"
"name": "2888",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2888"
},
{
"name" : "2888",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2888"
"name": "24910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24910"
},
{
"name" : "azdgdating-intpath-file-include(35428)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35428"
"name": "36264",
"refsource": "OSVDB",
"url": "http://osvdb.org/36264"
}
]
}

98
2007/3xxx/CVE-2007-3987.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3987",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3987",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote attackers to execute arbitrary SQL commands via the SearchWord parameter."
"lang": "eng",
"value": "SQL injection vulnerability in SearchResults.asp in ImageRacer 1.0, when WordSearchCrit is enabled, allows remote attackers to execute arbitrary SQL commands via the SearchWord parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070722 [Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474419/100/0/threaded"
"name": "26169",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26169"
},
{
"name" : "http://outlaw.aria-security.info/?p=7",
"refsource" : "MISC",
"url" : "http://outlaw.aria-security.info/?p=7"
"name": "http://outlaw.aria-security.info/?p=7",
"refsource": "MISC",
"url": "http://outlaw.aria-security.info/?p=7"
},
{
"name" : "25010",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25010"
"name": "36277",
"refsource": "OSVDB",
"url": "http://osvdb.org/36277"
},
{
"name" : "36277",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36277"
"name": "20070722 [Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474419/100/0/threaded"
},
{
"name" : "26169",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26169"
"name": "2925",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2925"
},
{
"name" : "2925",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2925"
"name": "imageracer-searchresults-sql-injection(35537)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35537"
},
{
"name" : "imageracer-searchresults-sql-injection(35537)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35537"
"name": "25010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25010"
}
]
}

68
2007/4xxx/CVE-2007-4042.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4042",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4042",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670."
"lang": "eng",
"value": "Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/",
"refsource" : "MISC",
"url" : "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/"
"name": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/",
"refsource": "MISC",
"url": "http://xs-sniper.com/blog/remote-command-exec-firefox-2005/"
},
{
"name" : "46832",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/46832"
"name": "46832",
"refsource": "OSVDB",
"url": "http://osvdb.org/46832"
}
]
}

104
2007/4xxx/CVE-2007-4533.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4533",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4533",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a chat message, related to a call to the BroadcastPrintf function."
"lang": "eng",
"value": "Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a chat message, related to a call to the BroadcastPrintf function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://aluigi.altervista.org/adv/vaboom2-adv.txt",
"refsource" : "MISC",
"url" : "http://aluigi.altervista.org/adv/vaboom2-adv.txt"
"name": "26701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26701"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=256621",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=256621"
"name": "http://aluigi.altervista.org/adv/vaboom2-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/vaboom2-adv.txt"
},
{
"name" : "FEDORA-2007-1977",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00094.html"
"name": "FEDORA-2007-1977",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00094.html"
},
{
"name" : "25436",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25436"
"name": "3057",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3057"
},
{
"name" : "26554",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26554"
"name": "vavoom-say-code-execution(36247)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36247"
},
{
"name" : "26701",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26701"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=256621",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=256621"
},
{
"name" : "3057",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3057"
"name": "26554",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26554"
},
{
"name" : "vavoom-say-code-execution(36247)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36247"
"name": "25436",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25436"
}
]
}

86
2007/4xxx/CVE-2007-4580.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4580",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4580",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a FsSetDirectoryInformation subcode containing a large buffer."
"lang": "eng",
"value": "Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a FsSetDirectoryInformation subcode containing a large buffer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070824 Security vulnerability in BufferZone 2.5",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/477726/100/0/threaded"
"name": "39154",
"refsource": "OSVDB",
"url": "http://osvdb.org/39154"
},
{
"name" : "39154",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39154"
"name": "26608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26608"
},
{
"name" : "26608",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26608"
"name": "bufferzone-redlight-privilege-escalation(36278)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36278"
},
{
"name" : "3071",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3071"
"name": "20070824 Security vulnerability in BufferZone 2.5",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477726/100/0/threaded"
},
{
"name" : "bufferzone-redlight-privilege-escalation(36278)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36278"
"name": "3071",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3071"
}
]
}

122
2010/5xxx/CVE-2010-5079.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5079",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-5079",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) \"forgot password\" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors."
"lang": "eng",
"value": "SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) \"forgot password\" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110104 CVE request: silverstripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/01/03/12"
"name": "http://open.silverstripe.org/changeset/114505",
"refsource": "CONFIRM",
"url": "http://open.silverstripe.org/changeset/114505"
},
{
"name" : "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/1"
"name": "http://open.silverstripe.org/changeset/114503",
"refsource": "CONFIRM",
"url": "http://open.silverstripe.org/changeset/114503"
},
{
"name" : "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/04/30/3"
"name": "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/01/3"
},
{
"name" : "[oss-security] 20120501 Re: CVE-request: SilverStripe before 2.4.4",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/01/3"
"name": "http://open.silverstripe.org/changeset/114504",
"refsource": "CONFIRM",
"url": "http://open.silverstripe.org/changeset/114504"
},
{
"name" : "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.3.10",
"refsource" : "CONFIRM",
"url" : "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.3.10"
"name": "[oss-security] 20120430 CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/1"
},
{
"name" : "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4",
"refsource" : "CONFIRM",
"url" : "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4"
"name": "[oss-security] 20120430 Re: CVE-request: SilverStripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/3"
},
{
"name" : "http://open.silverstripe.org/changeset/114497",
"refsource" : "CONFIRM",
"url" : "http://open.silverstripe.org/changeset/114497"
"name": "http://open.silverstripe.org/changeset/114498",
"refsource": "CONFIRM",
"url": "http://open.silverstripe.org/changeset/114498"
},
{
"name" : "http://open.silverstripe.org/changeset/114498",
"refsource" : "CONFIRM",
"url" : "http://open.silverstripe.org/changeset/114498"
"name": "[oss-security] 20110104 CVE request: silverstripe before 2.4.4",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/03/12"
},
{
"name" : "http://open.silverstripe.org/changeset/114503",
"refsource" : "CONFIRM",
"url" : "http://open.silverstripe.org/changeset/114503"
"name": "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.4.4"
},
{
"name" : "http://open.silverstripe.org/changeset/114504",
"refsource" : "CONFIRM",
"url" : "http://open.silverstripe.org/changeset/114504"
"name": "http://open.silverstripe.org/changeset/114497",
"refsource": "CONFIRM",
"url": "http://open.silverstripe.org/changeset/114497"
},
{
"name" : "http://open.silverstripe.org/changeset/114505",
"refsource" : "CONFIRM",
"url" : "http://open.silverstripe.org/changeset/114505"
"name": "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.3.10",
"refsource": "CONFIRM",
"url": "http://doc.silverstripe.org/framework/en/trunk/changelogs//2.3.10"
}
]
}

68
2010/5xxx/CVE-2010-5250.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5250",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5250",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in the pthread_win32_process_attach_np function in pthreadGC2.dll in Pthreads-win32 2.8.0 allows local users to gain privileges via a Trojan horse quserex.dll file in the current working directory. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Untrusted search path vulnerability in the pthread_win32_process_attach_np function in pthreadGC2.dll in Pthreads-win32 2.8.0 allows local users to gain privileges via a Trojan horse quserex.dll file in the current working directory. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/",
"refsource" : "MISC",
"url" : "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/"
"name": "41215",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41215"
},
{
"name" : "41215",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41215"
"name": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/",
"refsource": "MISC",
"url": "http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/"
}
]
}

86
2010/5xxx/CVE-2010-5300.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-5300",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-5300",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive."
"lang": "eng",
"value": "Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "32899",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/32899"
"name": "32899",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/32899"
},
{
"name" : "20100406 [SECURITY] - Jzip (.zip) Unicode bof Vulnerability",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2010/Apr/79"
"name": "20100406 [SECURITY] - Jzip (.zip) Unicode bof Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2010/Apr/79"
},
{
"name" : "http://packetstormsecurity.com/files/126216/Jzip-2.0.0.132900-Buffer-Overflow.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/126216/Jzip-2.0.0.132900-Buffer-Overflow.html"
"name": "http://packetstormsecurity.com/files/126216/Jzip-2.0.0.132900-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126216/Jzip-2.0.0.132900-Buffer-Overflow.html"
},
{
"name" : "https://www.corelan.be/index.php/forum/security-advisories-archive-2010/corelan-10-021-jzip-zip-seh-bof",
"refsource" : "MISC",
"url" : "https://www.corelan.be/index.php/forum/security-advisories-archive-2010/corelan-10-021-jzip-zip-seh-bof"
"name": "65041",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/65041"
},
{
"name" : "65041",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/65041"
"name": "https://www.corelan.be/index.php/forum/security-advisories-archive-2010/corelan-10-021-jzip-zip-seh-bof",
"refsource": "MISC",
"url": "https://www.corelan.be/index.php/forum/security-advisories-archive-2010/corelan-10-021-jzip-zip-seh-bof"
}
]
}

128
2014/0xxx/CVE-2014-0020.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0020",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0020",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message."
"lang": "eng",
"value": "The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://hg.pidgin.im/pidgin/main/rev/4d9be297d399",
"refsource" : "CONFIRM",
"url" : "http://hg.pidgin.im/pidgin/main/rev/4d9be297d399"
"name": "openSUSE-SU-2014:0326",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00005.html"
},
{
"name" : "http://hg.pidgin.im/pidgin/main/rev/5845d9fa7084",
"refsource" : "CONFIRM",
"url" : "http://hg.pidgin.im/pidgin/main/rev/5845d9fa7084"
"name": "http://hg.pidgin.im/pidgin/main/rev/a167504359e5",
"refsource": "CONFIRM",
"url": "http://hg.pidgin.im/pidgin/main/rev/a167504359e5"
},
{
"name" : "http://hg.pidgin.im/pidgin/main/rev/6b0e0566af20",
"refsource" : "CONFIRM",
"url" : "http://hg.pidgin.im/pidgin/main/rev/6b0e0566af20"
"name": "RHSA-2014:0139",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2014-0139.html"
},
{
"name" : "http://hg.pidgin.im/pidgin/main/rev/7d0fb0c6d8d4",
"refsource" : "CONFIRM",
"url" : "http://hg.pidgin.im/pidgin/main/rev/7d0fb0c6d8d4"
"name": "http://hg.pidgin.im/pidgin/main/rev/9f132a6855cd",
"refsource": "CONFIRM",
"url": "http://hg.pidgin.im/pidgin/main/rev/9f132a6855cd"
},
{
"name" : "http://hg.pidgin.im/pidgin/main/rev/9f132a6855cd",
"refsource" : "CONFIRM",
"url" : "http://hg.pidgin.im/pidgin/main/rev/9f132a6855cd"
"name": "DSA-2859",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2859"
},
{
"name" : "http://hg.pidgin.im/pidgin/main/rev/a167504359e5",
"refsource" : "CONFIRM",
"url" : "http://hg.pidgin.im/pidgin/main/rev/a167504359e5"
"name": "http://pidgin.im/news/security/?id=85",
"refsource": "CONFIRM",
"url": "http://pidgin.im/news/security/?id=85"
},
{
"name" : "http://pidgin.im/news/security/?id=85",
"refsource" : "CONFIRM",
"url" : "http://pidgin.im/news/security/?id=85"
"name": "http://hg.pidgin.im/pidgin/main/rev/4d9be297d399",
"refsource": "CONFIRM",
"url": "http://hg.pidgin.im/pidgin/main/rev/4d9be297d399"
},
{
"name" : "DSA-2859",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2859"
"name": "openSUSE-SU-2014:0239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00039.html"
},
{
"name" : "RHSA-2014:0139",
"refsource" : "REDHAT",
"url" : "https://rhn.redhat.com/errata/RHSA-2014-0139.html"
"name": "http://hg.pidgin.im/pidgin/main/rev/6b0e0566af20",
"refsource": "CONFIRM",
"url": "http://hg.pidgin.im/pidgin/main/rev/6b0e0566af20"
},
{
"name" : "openSUSE-SU-2014:0239",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-02/msg00039.html"
"name": "USN-2100-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2100-1"
},
{
"name" : "openSUSE-SU-2014:0326",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00005.html"
"name": "http://hg.pidgin.im/pidgin/main/rev/7d0fb0c6d8d4",
"refsource": "CONFIRM",
"url": "http://hg.pidgin.im/pidgin/main/rev/7d0fb0c6d8d4"
},
{
"name" : "USN-2100-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2100-1"
"name": "http://hg.pidgin.im/pidgin/main/rev/5845d9fa7084",
"refsource": "CONFIRM",
"url": "http://hg.pidgin.im/pidgin/main/rev/5845d9fa7084"
}
]
}

224
2014/0xxx/CVE-2014-0196.json
View File

@ -1,196 +1,196 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0196",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0196",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO & !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
"lang": "eng",
"value": "The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the \"LECHO & !OPOST\" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "33516",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/33516"
"name": "USN-2203-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2203-1"
},
{
"name" : "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/05/05/6"
"name": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html",
"refsource": "CONFIRM",
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"name" : "http://pastebin.com/raw.php?i=yTSFUBgZ",
"refsource" : "MISC",
"url" : "http://pastebin.com/raw.php?i=yTSFUBgZ"
"name": "106646",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/106646"
},
{
"name" : "http://bugzilla.novell.com/show_bug.cgi?id=875690",
"refsource" : "CONFIRM",
"url" : "http://bugzilla.novell.com/show_bug.cgi?id=875690"
"name": "SUSE-SU-2014:0683",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4291086b1f081b869c6d79e5b7441633dc3ace00"
"name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094232",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
"name": "59262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59262"
},
{
"name" : "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
"name": "USN-2204-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2204-1"
},
{
"name" : "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource" : "CONFIRM",
"url" : "http://linux.oracle.com/errata/ELSA-2014-0771.html"
"name": "59218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59218"
},
{
"name" : "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-07-01.html"
"name": "USN-2202-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2202-1"
},
{
"name" : "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html",
"refsource" : "CONFIRM",
"url" : "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
"name": "33516",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33516"
},
{
"name" : "DSA-2926",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2926"
"name": "DSA-2928",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2928"
},
{
"name" : "DSA-2928",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2928"
"name": "USN-2199-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2199-1"
},
{
"name" : "RHSA-2014:0512",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
"name": "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"name" : "SUSE-SU-2014:0667",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"name" : "SUSE-SU-2014:0683",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
"name": "USN-2197-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2197-1"
},
{
"name" : "USN-2196-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2196-1"
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"name" : "USN-2197-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2197-1"
"name": "RHSA-2014:0512",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"name" : "USN-2198-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2198-1"
"name": "59599",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59599"
},
{
"name" : "USN-2199-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2199-1"
"name": "DSA-2926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2926"
},
{
"name" : "USN-2200-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2200-1"
"name": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"name" : "USN-2201-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2201-1"
"name": "SUSE-SU-2014:0667",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"name" : "USN-2202-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2202-1"
"name": "http://pastebin.com/raw.php?i=yTSFUBgZ",
"refsource": "MISC",
"url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
},
{
"name" : "USN-2203-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2203-1"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"name" : "USN-2204-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2204-1"
"name": "http://bugzilla.novell.com/show_bug.cgi?id=875690",
"refsource": "CONFIRM",
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"name" : "106646",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/106646"
"name": "USN-2198-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2198-1"
},
{
"name" : "59599",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59599"
"name": "USN-2200-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2200-1"
},
{
"name" : "59262",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59262"
"name": "USN-2201-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2201-1"
},
{
"name" : "59218",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/59218"
"name": "USN-2196-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2196-1"
}
]
}

62
2014/0xxx/CVE-2014-0778.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-0778",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-0778",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651."
"lang": "eng",
"value": "The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01",
"refsource" : "MISC",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01"
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-105-01"
}
]
}

128
2014/1xxx/CVE-2014-1713.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1713",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2014-1713",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value."
"lang": "eng",
"value": "Use-after-free vulnerability in the AttributeSetter function in bindings/templates/attributes.cpp in the bindings in Blink, as used in Google Chrome before 33.0.1750.152 on OS X and Linux and before 33.0.1750.154 on Windows, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the document.location value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140326 VUPEN Security Research - Google Chrome Blink \"locationAttributeSetter\" Use-after-free (Pwn2Own)",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-03/0144.html"
"name": "DSA-2883",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2883"
},
{
"name" : "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html"
"name": "20140326 VUPEN Security Research - Google Chrome Blink \"locationAttributeSetter\" Use-after-free (Pwn2Own)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-03/0144.html"
},
{
"name" : "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html"
"name": "APPLE-SA-2014-04-22-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=352374",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=352374"
"name": "https://support.apple.com/kb/HT6537",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6537"
},
{
"name" : "https://src.chromium.org/viewvc/blink?revision=169176&view=revision",
"refsource" : "CONFIRM",
"url" : "https://src.chromium.org/viewvc/blink?revision=169176&view=revision"
"name": "APPLE-SA-2014-04-22-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
},
{
"name" : "https://support.apple.com/kb/HT6537",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT6537"
"name": "GLSA-201408-16",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201408-16.xml"
},
{
"name" : "APPLE-SA-2014-04-01-1",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
"name": "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update-for-chrome-os_14.html"
},
{
"name" : "APPLE-SA-2014-04-22-2",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
"name": "openSUSE-SU-2014:0501",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html"
},
{
"name" : "APPLE-SA-2014-04-22-3",
"refsource" : "APPLE",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
"name": "APPLE-SA-2014-04-01-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
},
{
"name" : "DSA-2883",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2883"
"name": "https://code.google.com/p/chromium/issues/detail?id=352374",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=352374"
},
{
"name" : "GLSA-201408-16",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201408-16.xml"
"name": "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html"
},
{
"name" : "openSUSE-SU-2014:0501",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00008.html"
"name": "https://src.chromium.org/viewvc/blink?revision=169176&view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=169176&view=revision"
}
]
}

86
2014/1xxx/CVE-2014-1884.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-1884",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1884",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application."
"lang": "eng",
"value": "Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed (1) in an IFRAME element or (2) with the XMLHttpRequest method by a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2014/Jan/96"
"name": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
},
{
"name" : "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/02/07/9"
"name": "http://www.internetsociety.org/ndss2014/programme#session3",
"refsource": "MISC",
"url": "http://www.internetsociety.org/ndss2014/programme#session3"
},
{
"name" : "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
"name": "20140124 Security Vulnerabilities in Apache Cordova / PhoneGap",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2014/Jan/96"
},
{
"name" : "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf",
"refsource" : "MISC",
"url" : "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf"
"name": "[oss-security] 20140207 Re: CVE request: multiple issues in Apache Cordova/PhoneGap",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/07/9"
},
{
"name" : "http://www.internetsociety.org/ndss2014/programme#session3",
"refsource" : "MISC",
"url" : "http://www.internetsociety.org/ndss2014/programme#session3"
"name": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
}
]
}

74
2014/5xxx/CVE-2014-5640.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5640",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5640",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application 1.1.0.135 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The CM Backup -Restore,Cloud,Photo (aka com.ijinshan.kbackup) application 1.1.0.135 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#596049",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/596049"
"name": "VU#596049",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/596049"
}
]
}

74
2014/5xxx/CVE-2014-5743.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5743",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5743",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) application 1.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The RE-VOLT 2 : Best RC 3D Racing (aka com.wego.revolt2_global) application 1.2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#561025",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/561025"
},
{
"name" : "VU#561025",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/561025"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/5xxx/CVE-2014-5874.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5874",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5874",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SplashID (aka com.splashidandroid) application 7.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The SplashID (aka com.splashidandroid) application 7.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#438001",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/438001"
},
{
"name" : "VU#438001",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/438001"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

230
2015/2xxx/CVE-2015-2625.json
View File

@ -1,201 +1,201 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2625",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2625",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name": "RHSA-2015:1243",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10139",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10139"
"name": "SUSE-SU-2015:2192",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
},
{
"name" : "DSA-3339",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3339"
"name": "RHSA-2015:1229",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
},
{
"name" : "DSA-3316",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3316"
"name": "1032910",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032910"
},
{
"name" : "GLSA-201603-11",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-11"
"name": "USN-2706-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2706-1"
},
{
"name" : "GLSA-201603-14",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-14"
"name": "RHSA-2015:1526",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
},
{
"name" : "RHSA-2015:1526",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
"name": "RHSA-2015:1485",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
},
{
"name" : "RHSA-2015:1228",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
"name": "75895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75895"
},
{
"name" : "RHSA-2015:1229",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10139",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10139"
},
{
"name" : "RHSA-2015:1230",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
"name": "openSUSE-SU-2015:1289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
},
{
"name" : "RHSA-2015:1241",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
"name": "RHSA-2015:1228",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
},
{
"name" : "RHSA-2015:1242",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
"name": "DSA-3316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3316"
},
{
"name" : "RHSA-2015:1243",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
"name": "SUSE-SU-2015:2166",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
},
{
"name" : "RHSA-2015:1485",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1485.html"
"name": "GLSA-201603-11",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-11"
},
{
"name" : "RHSA-2015:1486",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
"name": "RHSA-2015:1486",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1486.html"
},
{
"name" : "RHSA-2015:1488",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
"name": "GLSA-201603-14",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-14"
},
{
"name" : "RHSA-2015:1604",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
"name": "USN-2696-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2696-1"
},
{
"name" : "SUSE-SU-2016:0113",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
"name": "DSA-3339",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3339"
},
{
"name" : "SUSE-SU-2015:2166",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
"name": "RHSA-2015:1242",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
},
{
"name" : "SUSE-SU-2015:2192",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727"
},
{
"name" : "SUSE-SU-2015:1319",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
"name": "RHSA-2015:1488",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1488.html"
},
{
"name" : "SUSE-SU-2015:1320",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
"name": "SUSE-SU-2015:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name" : "openSUSE-SU-2015:1288",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
"name": "SUSE-SU-2015:1320",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name" : "openSUSE-SU-2015:1289",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
"name": "openSUSE-SU-2015:1288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name" : "USN-2696-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2696-1"
"name": "RHSA-2015:1241",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
},
{
"name" : "USN-2706-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2706-1"
"name": "RHSA-2015:1230",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
},
{
"name" : "75895",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75895"
"name": "RHSA-2015:1604",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1604.html"
},
{
"name" : "1032910",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032910"
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
}
]
}

62
2015/2xxx/CVE-2015-2654.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2654",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-2654",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790."
"lang": "eng",
"value": "Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
}
]
}

22
2015/2xxx/CVE-2015-2671.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2671",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2671",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2015/2xxx/CVE-2015-2868.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org",
"ID" : "CVE-2015-2868",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2868",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "ComfortLink II SCC firmware",
"version" : {
"version_data" : [
"product_name": "ComfortLink II SCC firmware",
"version": {
"version_data": [
{
"version_value" : "2.0.2"
"version_value": "2.0.2"
}
]
}
}
]
},
"vendor_name" : "Trane"
"vendor_name": "Trane"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution."
"lang": "eng",
"value": "An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting in arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "buffer overflow"
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0027/",
"refsource" : "MISC",
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
"name": "95118",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95118"
},
{
"name" : "95118",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95118"
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0027/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0027/"
}
]
}

68
2015/6xxx/CVE-2015-6332.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6332",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6332",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daemon hang) by sending many SSL renegotiation requests, aka Bug ID CSCuv56830."
"lang": "eng",
"value": "Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daemon hang) by sending many SSL renegotiation requests, aka Bug ID CSCuv56830."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20151008 Cisco Prime Renegotiation Request Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-cpi"
"name": "20151008 Cisco Prime Renegotiation Request Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-cpi"
},
{
"name" : "1033786",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033786"
"name": "1033786",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033786"
}
]
}

68
2015/6xxx/CVE-2015-6421.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6421",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6421",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted network traffic, aka Bug ID CSCus85330."
"lang": "eng",
"value": "cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted network traffic, aka Bug ID CSCus85330."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160127 Cisco Wide Area Application Service CIFS Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs"
"name": "1034831",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034831"
},
{
"name" : "1034831",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034831"
"name": "20160127 Cisco Wide Area Application Service CIFS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs"
}
]
}

68
2016/1000xxx/CVE-2016-1000218.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@elastic.co",
"ID" : "CVE-2016-1000218",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000218",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Kibana Reporting",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "2.4.0"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "Elastic"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an attacker to generate superfluous reports whenever an authenticated Kibana user navigates to a specially-crafted page."
"lang": "eng",
"value": "Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an attacker to generate superfluous reports whenever an authenticated Kibana user navigates to a specially-crafted page."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-352: Cross-Site Request Forgery"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.elastic.co/community/security",
"refsource" : "CONFIRM",
"url" : "https://www.elastic.co/community/security"
"name": "99253",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99253"
},
{
"name" : "99253",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99253"
"name": "https://www.elastic.co/community/security",
"refsource": "CONFIRM",
"url": "https://www.elastic.co/community/security"
}
]
}

68
2016/10xxx/CVE-2016-10218.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-10218",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10218",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file."
"lang": "eng",
"value": "The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d621292fb2c8157d9899dcd83fd04dd250e30fe4",
"refsource" : "CONFIRM",
"url" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d621292fb2c8157d9899dcd83fd04dd250e30fe4"
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d621292fb2c8157d9899dcd83fd04dd250e30fe4",
"refsource": "CONFIRM",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=d621292fb2c8157d9899dcd83fd04dd250e30fe4"
},
{
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=697444",
"refsource" : "CONFIRM",
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=697444"
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=697444",
"refsource": "CONFIRM",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=697444"
}
]
}

68
2016/4xxx/CVE-2016-4089.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4089",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4089",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name" : "1035828",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035828"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}

80
2016/4xxx/CVE-2016-4333.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4333",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-4333",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it."
"lang": "eng",
"value": "The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0179/",
"refsource" : "MISC",
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0179/"
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0179/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0179/"
},
{
"name" : "DSA-3727",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3727"
"name": "94416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94416"
},
{
"name" : "GLSA-201701-13",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-13"
"name": "GLSA-201701-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-13"
},
{
"name" : "94416",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94416"
"name": "DSA-3727",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3727"
}
]
}

68
2016/4xxx/CVE-2016-4376.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4376",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4376",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors."
"lang": "eng",
"value": "HPE FOS before 7.4.1d and 8.x before 8.0.1 on StoreFabric B switches allows remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05236212",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05236212"
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05236212",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05236212"
},
{
"name" : "92480",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92480"
"name": "92480",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92480"
}
]
}

92
2016/4xxx/CVE-2016-4711.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4711",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4711",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output."
"lang": "eng",
"value": "CCrypt in corecrypto in CommonCrypto in Apple iOS before 10 and OS X before 10.12 allows attackers to discover cleartext information by leveraging a function call that specifies the same buffer for input and output."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207143",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207143"
"name": "1036858",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036858"
},
{
"name" : "https://support.apple.com/HT207170",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207170"
"name": "APPLE-SA-2016-09-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name" : "APPLE-SA-2016-09-20",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
"name": "APPLE-SA-2016-09-20-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
},
{
"name" : "APPLE-SA-2016-09-20-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
"name": "93056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93056"
},
{
"name" : "93056",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93056"
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
},
{
"name" : "1036858",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036858"
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
}
]
}

70
2016/8xxx/CVE-2016-8410.json
View File

@ -1,69 +1,69 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-8410",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-8410",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.10"
"version_value": "Kernel-3.10"
},
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31498403. References: QC-CR#987010."
"lang": "eng",
"value": "An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31498403. References: QC-CR#987010."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-12-01.html"
"name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-12-01.html"
},
{
"name" : "94709",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94709"
"name": "94709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94709"
}
]
}

22
2016/8xxx/CVE-2016-8843.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8843",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2016-8843",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
}
]
}

22
2016/8xxx/CVE-2016-8976.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-8976",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8976",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2016/9xxx/CVE-2016-9296.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-9296",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9296",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applications, will cause a crash and a denial of service when decoding malformed 7z files."
"lang": "eng",
"value": "A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp, as used in the 7z.so library and in 7z applications, will cause a crash and a denial of service when decoding malformed 7z files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/yangke/7zip-null-pointer-dereference",
"refsource" : "MISC",
"url" : "https://github.com/yangke/7zip-null-pointer-dereference"
"name": "94294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94294"
},
{
"name" : "https://sourceforge.net/p/p7zip/bugs/185/",
"refsource" : "MISC",
"url" : "https://sourceforge.net/p/p7zip/bugs/185/"
"name": "https://sourceforge.net/p/p7zip/bugs/185/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/p7zip/bugs/185/"
},
{
"name" : "https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/",
"refsource" : "MISC",
"url" : "https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/"
"name": "https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/"
},
{
"name" : "94294",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94294"
"name": "https://github.com/yangke/7zip-null-pointer-dereference",
"refsource": "MISC",
"url": "https://github.com/yangke/7zip-null-pointer-dereference"
}
]
}

110
2016/9xxx/CVE-2016-9462.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"ID" : "CVE-2016-9462",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2016-9462",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4",
"version" : {
"version_data" : [
"product_name": "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4",
"version": {
"version_data": [
{
"version_value" : "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4"
"version_value": "Nextcloud Server & ownCloud Server Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-only access was able to restore old versions."
"lang": "eng",
"value": "Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore privileges when restoring a file. The restore capability of Nextcloud/ownCloud was not verifying whether a user has only read-only access to a share. Thus a user with read-only access was able to restore old versions."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Permission Issues (CWE-275)"
"lang": "eng",
"value": "Permission Issues (CWE-275)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/nextcloud/server/commit/1208953ba1d4d55a18a639846bbcdd66a2d5bc5e",
"refsource" : "MISC",
"url" : "https://github.com/nextcloud/server/commit/1208953ba1d4d55a18a639846bbcdd66a2d5bc5e"
"name": "https://github.com/nextcloud/server/commit/1208953ba1d4d55a18a639846bbcdd66a2d5bc5e",
"refsource": "MISC",
"url": "https://github.com/nextcloud/server/commit/1208953ba1d4d55a18a639846bbcdd66a2d5bc5e"
},
{
"name" : "https://github.com/owncloud/core/commit/23383080731d092e079986464a8c4c9ffcb79f4c",
"refsource" : "MISC",
"url" : "https://github.com/owncloud/core/commit/23383080731d092e079986464a8c4c9ffcb79f4c"
"name": "https://github.com/owncloud/core/commit/c93eca49c32428ece03dd67042772d5fa62c8d6e",
"refsource": "MISC",
"url": "https://github.com/owncloud/core/commit/c93eca49c32428ece03dd67042772d5fa62c8d6e"
},
{
"name" : "https://github.com/owncloud/core/commit/3b056fa68ce502ceb0db9b446dab3b9e7b10dd13",
"refsource" : "MISC",
"url" : "https://github.com/owncloud/core/commit/3b056fa68ce502ceb0db9b446dab3b9e7b10dd13"
"name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-015",
"refsource": "MISC",
"url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-015"
},
{
"name" : "https://github.com/owncloud/core/commit/c93eca49c32428ece03dd67042772d5fa62c8d6e",
"refsource" : "MISC",
"url" : "https://github.com/owncloud/core/commit/c93eca49c32428ece03dd67042772d5fa62c8d6e"
"name": "https://github.com/owncloud/core/commit/3b056fa68ce502ceb0db9b446dab3b9e7b10dd13",
"refsource": "MISC",
"url": "https://github.com/owncloud/core/commit/3b056fa68ce502ceb0db9b446dab3b9e7b10dd13"
},
{
"name" : "https://github.com/owncloud/core/commit/d31720b6f1e8c8dfeb5e8805ab35ad7c8000b2f1",
"refsource" : "MISC",
"url" : "https://github.com/owncloud/core/commit/d31720b6f1e8c8dfeb5e8805ab35ad7c8000b2f1"
"name": "https://github.com/owncloud/core/commit/d31720b6f1e8c8dfeb5e8805ab35ad7c8000b2f1",
"refsource": "MISC",
"url": "https://github.com/owncloud/core/commit/d31720b6f1e8c8dfeb5e8805ab35ad7c8000b2f1"
},
{
"name" : "https://hackerone.com/reports/146067",
"refsource" : "MISC",
"url" : "https://hackerone.com/reports/146067"
"name": "97285",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97285"
},
{
"name" : "https://nextcloud.com/security/advisory/?id=nc-sa-2016-005",
"refsource" : "MISC",
"url" : "https://nextcloud.com/security/advisory/?id=nc-sa-2016-005"
"name": "https://hackerone.com/reports/146067",
"refsource": "MISC",
"url": "https://hackerone.com/reports/146067"
},
{
"name" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-015",
"refsource" : "MISC",
"url" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-015"
"name": "https://github.com/owncloud/core/commit/23383080731d092e079986464a8c4c9ffcb79f4c",
"refsource": "MISC",
"url": "https://github.com/owncloud/core/commit/23383080731d092e079986464a8c4c9ffcb79f4c"
},
{
"name" : "97285",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97285"
"name": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-005",
"refsource": "MISC",
"url": "https://nextcloud.com/security/advisory/?id=nc-sa-2016-005"
}
]
}

22
2019/2xxx/CVE-2019-2160.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2160",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2160",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/2xxx/CVE-2019-2231.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2231",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2231",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/2xxx/CVE-2019-2610.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2610",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2610",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/2xxx/CVE-2019-2783.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-2783",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-2783",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3041.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3041",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3041",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3271.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3271",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3271",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3663.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3663",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3663",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3995.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3995",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3995",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6125.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6125",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6125",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6831.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6831",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6831",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6859.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6859",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6859",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6920.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6920",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6920",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7213.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7213",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7213",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/7xxx/CVE-2019-7345.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7345",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7345",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php."
"lang": "eng",
"value": "Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/ZoneMinder/zoneminder/issues/2468",
"refsource" : "MISC",
"url" : "https://github.com/ZoneMinder/zoneminder/issues/2468"
"name": "https://github.com/ZoneMinder/zoneminder/issues/2468",
"refsource": "MISC",
"url": "https://github.com/ZoneMinder/zoneminder/issues/2468"
}
]
}

22
2019/7xxx/CVE-2019-7358.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7358",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7358",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7654.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7654",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7654",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/7xxx/CVE-2019-7701.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7701",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7701",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A heap-based buffer over-read was discovered in wasm::SExpressionParser::skipWhitespace() in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm2js."
"lang": "eng",
"value": "A heap-based buffer over-read was discovered in wasm::SExpressionParser::skipWhitespace() in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm2js."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/WebAssembly/binaryen/issues/1863",
"refsource" : "MISC",
"url" : "https://github.com/WebAssembly/binaryen/issues/1863"
"name": "https://github.com/WebAssembly/binaryen/issues/1863",
"refsource": "MISC",
"url": "https://github.com/WebAssembly/binaryen/issues/1863"
}
]
}