admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:06:22 +00:00
parent 752990ccb1
commit 4dcd44ef6f
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 4030 additions and 4030 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
1999/0xxx/CVE-1999-0693.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0693", "ID": "CVE-1999-0693",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "00192", "description_data": [
"refsource" : "SUN", {
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192" "lang": "eng",
}, "value": "Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges."
{ }
"name" : "HPSBUX9909-103", ]
"refsource" : "HP", },
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "641", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/641" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:4374", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4374" ]
} },
] "references": {
} "reference_data": [
} {
"name": "641",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/641"
},
{
"name": "HPSBUX9909-103",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9909-103"
},
{
"name": "00192",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/192"
},
{
"name": "oval:org.mitre.oval:def:4374",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4374"
}
]
}
}

120
1999/0xxx/CVE-1999-0926.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0926", "ID": "CVE-1999-0926",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apache allows remote attackers to conduct a denial of service via a large number of MIME headers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990903 Web servers / possible DOS Attack / mime header flooding", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html" "lang": "eng",
} "value": "Apache allows remote attackers to conduct a denial of service via a large number of MIME headers."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990903 Web servers / possible DOS Attack / mime header flooding",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/1998_3/0742.html"
}
]
}
}

130
1999/1xxx/CVE-1999-1023.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1023", "ID": "CVE-1999-1023",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the \"-e\" (expiration date) argument, which could allow users to login after their accounts have expired."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990610 Sun Useradd program expiration date bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=92904175406756&w=2" "lang": "eng",
}, "value": "useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the \"-e\" (expiration date) argument, which could allow users to login after their accounts have expired."
{ }
"name" : "426", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/426" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "426",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/426"
},
{
"name": "19990610 Sun Useradd program expiration date bug",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=92904175406756&w=2"
}
]
}
}

160
1999/1xxx/CVE-1999-1286.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1286", "ID": "CVE-1999-1286",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19970509 Re: Irix: misc", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=87602167420927&w=2" "lang": "eng",
}, "value": "addnetpr in SGI IRIX 6.2 and earlier allows local users to modify arbitrary files and possibly gain root access via a symlink attack on a temporary file."
{ }
"name" : "ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX", ]
"refsource" : "MISC", },
"url" : "ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "330", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/330" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "8560", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/8560" ]
}, },
{ "references": {
"name" : "irix-addnetpr(1433)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1433" "name": "irix-addnetpr(1433)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1433"
} },
} {
"name": "8560",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/8560"
},
{
"name": "ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX",
"refsource": "MISC",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19961203-02-PX"
},
{
"name": "19970509 Re: Irix: misc",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=87602167420927&w=2"
},
{
"name": "330",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/330"
}
]
}
}

120
1999/1xxx/CVE-1999-1342.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1342", "ID": "CVE-1999-1342",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991017 ICQ ActiveList Server Exploit...", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=94042342010662&w=2" "lang": "eng",
} "value": "ICQ ActiveList Server allows remote attackers to cause a denial of service (crash) via malformed packets to the server's UDP port."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991017 ICQ ActiveList Server Exploit...",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=94042342010662&w=2"
}
]
}
}

120
2000/0xxx/CVE-2000-0001.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0001", "ID": "CVE-2000-0001",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "RealMedia server allows remote attackers to cause a denial of service via a long ramgen request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "888", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/888" "lang": "eng",
} "value": "RealMedia server allows remote attackers to cause a denial of service via a long ramgen request."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/888"
}
]
}
}

120
2000/0xxx/CVE-2000-0061.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0061", "ID": "CVE-2000-0061",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "923", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/923" "lang": "eng",
} "value": "Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "923",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/923"
}
]
}
}

150
2000/0xxx/CVE-2000-0204.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0204", "ID": "CVE-2000-0204",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000226 DOS in Trendmicro OfficeScan", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-02/0340.html" "lang": "eng",
}, "value": "The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%."
{ }
"name" : "20000315 Trend Micro release patch for \"OfficeScan DoS & Message Replay\" V ulnerabilies", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=D129BBE1730AD2118A0300805FC1C2FE038AF28B@209-76-212-10.trendmicro.com" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.antivirus.com/download/ofce_patch_35.htm", "description": [
"refsource" : "MISC", {
"url" : "http://www.antivirus.com/download/ofce_patch_35.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1013", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1013" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20000226 DOS in Trendmicro OfficeScan",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-02/0340.html"
},
{
"name": "20000315 Trend Micro release patch for \"OfficeScan DoS & Message Replay\" V ulnerabilies",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=D129BBE1730AD2118A0300805FC1C2FE038AF28B@209-76-212-10.trendmicro.com"
},
{
"name": "http://www.antivirus.com/download/ofce_patch_35.htm",
"refsource": "MISC",
"url": "http://www.antivirus.com/download/ofce_patch_35.htm"
},
{
"name": "1013",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1013"
}
]
}
}

140
2000/0xxx/CVE-2000-0436.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0436", "ID": "CVE-2000-0436",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000522 MetaProducts Offline Explorer Directory Traversal Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0254.html" "lang": "eng",
}, "value": "MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack."
{ }
"name" : "http://www.metaproducts.com/mpOE-HY.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.metaproducts.com/mpOE-HY.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1231", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1231" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1231"
},
{
"name": "http://www.metaproducts.com/mpOE-HY.html",
"refsource": "CONFIRM",
"url": "http://www.metaproducts.com/mpOE-HY.html"
},
{
"name": "20000522 MetaProducts Offline Explorer Directory Traversal Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0254.html"
}
]
}
}

170
2000/0xxx/CVE-2000-0439.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0439", "ID": "CVE-2000-0439",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the \"Unauthorized Cookie Access\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000510 IE Domain Confusion Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000511135609.D7774@securityfocus.com" "lang": "eng",
}, "value": "Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another domain by including that domain name and escaped characters in a URL, aka the \"Unauthorized Cookie Access\" vulnerability."
{ }
"name" : "20000511 IE Domain Confusion Vulnerability is an Email problem also", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=NDBBKGHPMKBKDDGLDEEHAEHMDIAA.rms2000@bellatlantic.net" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS00-033", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1194", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1194" ]
}, },
{ "references": {
"name" : "1326", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/1326" "name": "1194",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/1194"
"name" : "ie-cookie-disclosure(4447)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4447" "name": "20000511 IE Domain Confusion Vulnerability is an Email problem also",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=NDBBKGHPMKBKDDGLDEEHAEHMDIAA.rms2000@bellatlantic.net"
} },
} {
"name": "MS00-033",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-033"
},
{
"name": "ie-cookie-disclosure(4447)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4447"
},
{
"name": "20000510 IE Domain Confusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000511135609.D7774@securityfocus.com"
},
{
"name": "1326",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1326"
}
]
}
}

140
2000/0xxx/CVE-2000-0452.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0452", "ID": "CVE-2000-0452",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000518 Lotus ESMTP Service (Lotus Domino Release 5.0.1 (Intl))", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0219.html" "lang": "eng",
}, "value": "Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command."
{ }
"name" : "1229", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1229" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "321", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/321" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20000518 Lotus ESMTP Service (Lotus Domino Release 5.0.1 (Intl))",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0219.html"
},
{
"name": "321",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/321"
},
{
"name": "1229",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1229"
}
]
}
}

130
2000/0xxx/CVE-2000-0648.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0648", "ID": "CVE-2000-0648",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000711 WFTPD/WFTPD Pro 2.41 RC10 denial-of-service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=E13BvU6-0007d8-00@dwarf.box.sk" "lang": "eng",
}, "value": "WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command."
{ }
"name" : "1456", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1456" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000711 WFTPD/WFTPD Pro 2.41 RC10 denial-of-service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=E13BvU6-0007d8-00@dwarf.box.sk"
},
{
"name": "1456",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1456"
}
]
}
}

150
2000/0xxx/CVE-2000-0753.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0753", "ID": "CVE-2000-0753",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000824 Outlook winmail.dat", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/78240" "lang": "eng",
}, "value": "The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files."
{ }
"name" : "20010802 Outlook 2000 Rich Text information disclosure", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/201422" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1631", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1631" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "outlook-reveal-path(5508)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5508" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1631"
},
{
"name": "20010802 Outlook 2000 Rich Text information disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/201422"
},
{
"name": "outlook-reveal-path(5508)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5508"
},
{
"name": "20000824 Outlook winmail.dat",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/78240"
}
]
}
}

140
2000/1xxx/CVE-2000-1021.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1021", "ID": "CVE-2000-1021",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000917 VIGILANTE-2000012: Mdaemon Web Services Heap Overflow DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=96925269716274&w=2" "lang": "eng",
}, "value": "Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL."
{ }
"name" : "1689", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1689" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "mdaemon-url-dos(5250)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5250" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1689"
},
{
"name": "mdaemon-url-dos(5250)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5250"
},
{
"name": "20000917 VIGILANTE-2000012: Mdaemon Web Services Heap Overflow DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=96925269716274&w=2"
}
]
}
}

150
2005/2xxx/CVE-2005-2139.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2139", "ID": "CVE-2005-2139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in user_check.php for Pavsta Auto Site allows remote attackers to execute arbitrary PHP code via the sitepath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2005-0930", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/0930" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in user_check.php for Pavsta Auto Site allows remote attackers to execute arbitrary PHP code via the sitepath parameter."
{ }
"name" : "17631", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/17631" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014321", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014321" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15873", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/15873" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1014321",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014321"
},
{
"name": "17631",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/17631"
},
{
"name": "15873",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15873"
},
{
"name": "ADV-2005-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/0930"
}
]
}
}

150
2005/2xxx/CVE-2005-2577.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2577", "ID": "CVE-2005-2577",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050810 remote DOS on Wyse thin client 1125SE", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112379283900586&w=2" "lang": "eng",
}, "value": "Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field."
{ }
"name" : "14536", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/14536" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1014659", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014659" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16409", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16409" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20050810 remote DOS on Wyse thin client 1125SE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112379283900586&w=2"
},
{
"name": "16409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16409"
},
{
"name": "14536",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14536"
},
{
"name": "1014659",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014659"
}
]
}
}

160
2005/2xxx/CVE-2005-2723.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2723", "ID": "CVE-2005-2723",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmethod is set to cookies, allows remote attackers to execute arbitrary SQL commands via the username value in the pafiledbcookie cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050824 PaFileDB 3.1 - SQL-Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112490781927680&w=2" "lang": "eng",
}, "value": "SQL injection vulnerability in auth.php in PaFileDB 3.1, when authmethod is set to cookies, allows remote attackers to execute arbitrary SQL commands via the username value in the pafiledbcookie cookie."
{ }
"name" : "http://www.security-project.org/projects/board/showthread.php?t=947", ]
"refsource" : "MISC", },
"url" : "http://www.security-project.org/projects/board/showthread.php?t=947" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14654", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14654" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "16566", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/16566/" ]
}, },
{ "references": {
"name" : "pafiledb-auth-sql-injection(21988)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21988" "name": "14654",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/14654"
} },
} {
"name": "pafiledb-auth-sql-injection(21988)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21988"
},
{
"name": "16566",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16566/"
},
{
"name": "http://www.security-project.org/projects/board/showthread.php?t=947",
"refsource": "MISC",
"url": "http://www.security-project.org/projects/board/showthread.php?t=947"
},
{
"name": "20050824 PaFileDB 3.1 - SQL-Injection",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112490781927680&w=2"
}
]
}
}

190
2005/3xxx/CVE-2005-3545.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3545", "ID": "CVE-2005-3545",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20051105 Sql injection in ibProArcade", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/415793" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php of the report module in ibProArcade 2.5.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter."
{ }
"name" : "http://www.ibproarcade.com/index.php?showtopic=7575&pid=47370&st=0&#entry47370", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibproarcade.com/index.php?showtopic=7575&pid=47370&st=0&#entry47370" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.ibproarcade.com/index.php?showtopic=7576&pid=47373&st=0&#entry47373", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.ibproarcade.com/index.php?showtopic=7576&pid=47373&st=0&#entry47373" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "15333", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/15333" ]
}, },
{ "references": {
"name" : "ADV-2005-2334", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2334" "name": "http://www.ibproarcade.com/index.php?showtopic=7576&pid=47373&st=0&#entry47373",
}, "refsource": "CONFIRM",
{ "url": "http://www.ibproarcade.com/index.php?showtopic=7576&pid=47373&st=0&#entry47373"
"name" : "20514", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/20514" "name": "http://www.ibproarcade.com/index.php?showtopic=7575&pid=47370&st=0&#entry47370",
}, "refsource": "CONFIRM",
{ "url": "http://www.ibproarcade.com/index.php?showtopic=7575&pid=47370&st=0&#entry47370"
"name" : "17457", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17457" "name": "17457",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/17457"
"name" : "151", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/151" "name": "151",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/151"
} },
} {
"name": "ADV-2005-2334",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2334"
},
{
"name": "20051105 Sql injection in ibProArcade",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/415793"
},
{
"name": "20514",
"refsource": "OSVDB",
"url": "http://osvdb.org/20514"
},
{
"name": "15333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15333"
}
]
}
}

190
2007/5xxx/CVE-2007-5071.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5071", "ID": "CVE-2007-5071",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733. NOTE: the vulnerability was also present in a 0.5.1 download available in the early morning of 20070923. NOTE: the original 20070920 disclosure provided an incorrect filename, img_upload_cgi.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070920 SimplePHPBlog Hacking", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/480092/100/0/threaded" "lang": "eng",
}, "value": "Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733. NOTE: the vulnerability was also present in a 0.5.1 download available in the early morning of 20070923. NOTE: the original 20070920 disclosure provided an incorrect filename, img_upload_cgi.php."
{ }
"name" : "20070925 Simple PHP Blog Multiple Vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/480569/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-03.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-03.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.simplephpblog.com/comments.php?y=07&m=09&entry=entry070923-004446", ]
"refsource" : "CONFIRM", }
"url" : "http://www.simplephpblog.com/comments.php?y=07&m=09&entry=entry070923-004446" ]
}, },
{ "references": {
"name" : "http://www.simplephpblog.com/index.php?m=09&y=07", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.simplephpblog.com/index.php?m=09&y=07" "name": "26968",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26968"
"name" : "25747", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25747" "name": "25747",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25747"
"name" : "26968", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26968" "name": "simplephpblog-uploadimgcgi-file-upload(36785)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36785"
"name" : "simplephpblog-uploadimgcgi-file-upload(36785)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36785" "name": "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-03.txt",
} "refsource": "MISC",
] "url": "http://www.securenetwork.it/ricerca/advisory/download/SN-2007-03.txt"
} },
} {
"name": "http://www.simplephpblog.com/comments.php?y=07&m=09&entry=entry070923-004446",
"refsource": "CONFIRM",
"url": "http://www.simplephpblog.com/comments.php?y=07&m=09&entry=entry070923-004446"
},
{
"name": "http://www.simplephpblog.com/index.php?m=09&y=07",
"refsource": "CONFIRM",
"url": "http://www.simplephpblog.com/index.php?m=09&y=07"
},
{
"name": "20070925 Simple PHP Blog Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480569/100/0/threaded"
},
{
"name": "20070920 SimplePHPBlog Hacking",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480092/100/0/threaded"
}
]
}
}

160
2007/5xxx/CVE-2007-5111.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5111", "ID": "CVE-2007-5111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt allows remote attackers to cause a denial of service (crash) via a string argument to the AddString method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4453", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4453" "lang": "eng",
}, "value": "A certain ActiveX control in EBCRYPT.DLL 2.0 in EB Design ebCrypt allows remote attackers to cause a denial of service (crash) via a string argument to the AddString method."
{ }
"name" : "http://shinnai.altervista.org/exploits/txt/TXT_ZzLXiITIfSuVuh1kPHDP.html", ]
"refsource" : "MISC", },
"url" : "http://shinnai.altervista.org/exploits/txt/TXT_ZzLXiITIfSuVuh1kPHDP.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25789", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25789" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38726", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38726" ]
}, },
{ "references": {
"name" : "ebcrypt-ebcprngenerator-dos(36770)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36770" "name": "ebcrypt-ebcprngenerator-dos(36770)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36770"
} },
} {
"name": "http://shinnai.altervista.org/exploits/txt/TXT_ZzLXiITIfSuVuh1kPHDP.html",
"refsource": "MISC",
"url": "http://shinnai.altervista.org/exploits/txt/TXT_ZzLXiITIfSuVuh1kPHDP.html"
},
{
"name": "4453",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4453"
},
{
"name": "38726",
"refsource": "OSVDB",
"url": "http://osvdb.org/38726"
},
{
"name": "25789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25789"
}
]
}
}

210
2007/5xxx/CVE-2007-5361.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5361", "ID": "CVE-2007-5361",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071119 Alcatel OmniPCX Enterprise VoIP Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/483925/100/0/threaded" "lang": "eng",
}, "value": "The Communication Server in Alcatel-Lucent OmniPCX Enterprise 7.1 and earlier caches an IP address during a TFTP request from an IP Touch phone, and uses this IP address as the destination for all subsequent VoIP packets to this phone, which allows remote attackers to cause a denial of service (loss of audio) or intercept voice communications via a crafted TFTP request containing the phone's MAC address in the filename."
{ }
"name" : "http://www.csnc.ch/static/advisory/csnc/alcatel_omnipcx_enterprise_audio_rerouting_vulnerability_v1.0.txt", ]
"refsource" : "MISC", },
"url" : "http://www.csnc.ch/static/advisory/csnc/alcatel_omnipcx_enterprise_audio_rerouting_vulnerability_v1.0.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www1.alcatel-lucent.com/psirt/statements/2007004/IPTouchDOS.pdf", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www1.alcatel-lucent.com/psirt/statements/2007004/IPTouchDOS.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26494", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26494" ]
}, },
{ "references": {
"name" : "ADV-2007-3919", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3919" "name": "3387",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3387"
"name" : "40522", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/40522" "name": "27710",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27710"
"name" : "1018983", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018983" "name": "http://www.csnc.ch/static/advisory/csnc/alcatel_omnipcx_enterprise_audio_rerouting_vulnerability_v1.0.txt",
}, "refsource": "MISC",
{ "url": "http://www.csnc.ch/static/advisory/csnc/alcatel_omnipcx_enterprise_audio_rerouting_vulnerability_v1.0.txt"
"name" : "27710", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27710" "name": "26494",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26494"
"name" : "3387", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3387" "name": "omnipcx-tftp-dos(38560)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38560"
"name" : "omnipcx-tftp-dos(38560)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38560" "name": "http://www1.alcatel-lucent.com/psirt/statements/2007004/IPTouchDOS.pdf",
} "refsource": "CONFIRM",
] "url": "http://www1.alcatel-lucent.com/psirt/statements/2007004/IPTouchDOS.pdf"
} },
} {
"name": "20071119 Alcatel OmniPCX Enterprise VoIP Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483925/100/0/threaded"
},
{
"name": "ADV-2007-3919",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3919"
},
{
"name": "40522",
"refsource": "OSVDB",
"url": "http://osvdb.org/40522"
},
{
"name": "1018983",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018983"
}
]
}
}

150
2007/5xxx/CVE-2007-5481.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5481", "ID": "CVE-2007-5481",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Distributed Checksum Clearinghouse (DCC) 1.3.65 allows remote attackers to cause a denial of service (crash) via a \"SOCKS flood.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.rhyolite.com/anti-spam/dcc/CHANGES", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.rhyolite.com/anti-spam/dcc/CHANGES" "lang": "eng",
}, "value": "Distributed Checksum Clearinghouse (DCC) 1.3.65 allows remote attackers to cause a denial of service (crash) via a \"SOCKS flood.\""
{ }
"name" : "26088", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26088" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27262", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27262" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "dcc-socks-streams-dos(37224)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37224" ]
} },
] "references": {
} "reference_data": [
} {
"name": "26088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26088"
},
{
"name": "27262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27262"
},
{
"name": "dcc-socks-streams-dos(37224)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37224"
},
{
"name": "http://www.rhyolite.com/anti-spam/dcc/CHANGES",
"refsource": "CONFIRM",
"url": "http://www.rhyolite.com/anti-spam/dcc/CHANGES"
}
]
}
}

160
2007/5xxx/CVE-2007-5723.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5723", "ID": "CVE-2007-5723",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the samp_send function in nuauth/sasl.c in NuFW before 2.2.7 allows remote attackers to cause a denial of service via unspecified input on which base64 encoding is performed. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.nufw.org/+NuFW-2-2-7,207+.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.nufw.org/+NuFW-2-2-7,207+.html" "lang": "eng",
}, "value": "Heap-based buffer overflow in the samp_send function in nuauth/sasl.c in NuFW before 2.2.7 allows remote attackers to cause a denial of service via unspecified input on which base64 encoding is performed. NOTE: some of these details are obtained from third party information."
{ }
"name" : "26251", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/26251" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39724", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39724" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27442", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/27442" ]
}, },
{ "references": {
"name" : "nufw-sampsend-dos(38153)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38153" "name": "27442",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/27442"
} },
} {
"name": "26251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26251"
},
{
"name": "http://www.nufw.org/+NuFW-2-2-7,207+.html",
"refsource": "CONFIRM",
"url": "http://www.nufw.org/+NuFW-2-2-7,207+.html"
},
{
"name": "39724",
"refsource": "OSVDB",
"url": "http://osvdb.org/39724"
},
{
"name": "nufw-sampsend-dos(38153)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38153"
}
]
}
}

120
2009/2xxx/CVE-2009-2448.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2448", "ID": "CVE-2009-2448",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Guestbook Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via the search_choice parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35762", "description_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35762" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in ogp_show.php in Online Guestbook Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via the search_choice parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35762"
}
]
}
}

170
2009/2xxx/CVE-2009-2456.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2456", "ID": "CVE-2009-2456",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.novell.com/support/viewContent.do?externalId=3426981", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/viewContent.do?externalId=3426981" "lang": "eng",
}, "value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (ndsd core dump) via an LDAP request containing multiple . (dot) wildcard characters in the Relative Distinguished Name (RDN)."
{ }
"name" : "35666", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35666" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "55848", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/55848" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34160", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/34160" ]
}, },
{ "references": {
"name" : "ADV-2009-1883", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1883" "name": "34160",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/34160"
"name" : "edirectory-rdns-dos(51705)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51705" "name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
} "refsource": "CONFIRM",
] "url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
} },
} {
"name": "55848",
"refsource": "OSVDB",
"url": "http://osvdb.org/55848"
},
{
"name": "edirectory-rdns-dos(51705)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51705"
},
{
"name": "35666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
]
}
}

34
2009/2xxx/CVE-2009-2623.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2623", "ID": "CVE-2009-2623",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

300
2009/2xxx/CVE-2009-2689.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2689", "ID": "CVE-2009-2689",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html" "lang": "eng",
}, "value": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application."
{ }
"name" : "http://java.sun.com/javase/6/webnotes/6u15.html", ]
"refsource" : "CONFIRM", },
"url" : "http://java.sun.com/javase/6/webnotes/6u15.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1", "description": [
"refsource" : "CONFIRM", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1", ]
"refsource" : "CONFIRM", }
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=513222", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=513222" "name": "RHSA-2009:1199",
}, "refsource": "REDHAT",
{ "url": "https://rhn.redhat.com/errata/RHSA-2009-1199.html"
"name" : "APPLE-SA-2009-09-03-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" "name": "36162",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36162"
"name" : "FEDORA-2009-8329", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" "name": "ADV-2009-2543",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2009/2543"
"name" : "FEDORA-2009-8337", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" "name": "oval:org.mitre.oval:def:9603",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603"
"name" : "GLSA-200911-02", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml" "name": "GLSA-200911-02",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
"name" : "MDVSA-2009:209", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" "name": "36199",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36199"
"name" : "RHSA-2009:1199", },
"refsource" : "REDHAT", {
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1199.html" "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1",
}, "refsource": "CONFIRM",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1"
"name" : "RHSA-2009:1201", },
"refsource" : "REDHAT", {
"url" : "https://rhn.redhat.com/errata/RHSA-2009-1201.html" "name": "MDVSA-2009:209",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209"
"name" : "SUSE-SR:2009:016", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" "name": "FEDORA-2009-8329",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html"
"name" : "oval:org.mitre.oval:def:9603", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9603" "name": "http://java.sun.com/javase/6/webnotes/6u15.html",
}, "refsource": "CONFIRM",
{ "url": "http://java.sun.com/javase/6/webnotes/6u15.html"
"name" : "36162", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36162" "name": "36180",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/36180"
"name" : "36180", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36180" "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1",
}, "refsource": "CONFIRM",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
"name" : "36199", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36199" "name": "FEDORA-2009-8337",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html"
"name" : "37386", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/37386" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=513222",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222"
"name" : "ADV-2009-2543", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2543" "name": "SUSE-SR:2009:016",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html"
} },
} {
"name": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
"refsource": "CONFIRM",
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"name": "APPLE-SA-2009-09-03-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
},
{
"name": "RHSA-2009:1201",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
}
]
}
}

120
2009/3xxx/CVE-2009-3324.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3324", "ID": "CVE-2009-3324",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include/prodler.class.php in ProdLer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sPath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9728", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9728" "lang": "eng",
} "value": "PHP remote file inclusion vulnerability in include/prodler.class.php in ProdLer 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sPath parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9728",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9728"
}
]
}
}

160
2009/3xxx/CVE-2009-3714.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3714", "ID": "CVE-2009-3714",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin_login.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "9205", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/9205" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in admin_login.php in MCshoutbox 1.1 allows remote attackers to inject arbitrary web script or HTML via the loginerror parameter."
{ }
"name" : "56062", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/56062" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35885", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35885" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2009-1961", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2009/1961" ]
}, },
{ "references": {
"name" : "mcshoutbox-adminlogin-xss(51862)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51862" "name": "mcshoutbox-adminlogin-xss(51862)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51862"
} },
} {
"name": "9205",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9205"
},
{
"name": "56062",
"refsource": "OSVDB",
"url": "http://osvdb.org/56062"
},
{
"name": "35885",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35885"
},
{
"name": "ADV-2009-1961",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1961"
}
]
}
}

132
2015/0xxx/CVE-2015-0575.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-07-01T00:00:00", "DATE_PUBLIC": "2017-07-01T00:00:00",
"ID" : "CVE-2015-0575", "ID": "CVE-2015-0575",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm products", "product_name": "All Qualcomm products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Configuration Vulnerability in SSL"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-07-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-07-01" "lang": "eng",
}, "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration."
{ }
"name" : "99467", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/99467" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Configuration Vulnerability in SSL"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99467"
}
]
}
}

160
2015/0xxx/CVE-2015-0588.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0588", "ID": "CVE-2015-0588",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150115 Cisco Unified Communications Domain Manager Cross-Site Request Forgery Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0588" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055."
{ }
"name" : "72082", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/72082" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031559", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031559" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "62352", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/62352" ]
}, },
{ "references": {
"name" : "cisco-ucdm-cve20150588-csrf(100657)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100657" "name": "1031559",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1031559"
} },
} {
"name": "20150115 Cisco Unified Communications Domain Manager Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0588"
},
{
"name": "62352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62352"
},
{
"name": "cisco-ucdm-cve20150588-csrf(100657)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100657"
},
{
"name": "72082",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72082"
}
]
}
}

34
2015/0xxx/CVE-2015-0942.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-0942", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-0942",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-6742, CVE-2015-6743, CVE-2015-6744, CVE-2015-6745, CVE-2015-6746, CVE-2015-6747. Reason: This candidate originally combined multiple issues that have different vulnerability types and other complex abstraction issues. Notes: All CVE users should reference CVE-2015-6742, CVE-2015-6743, CVE-2015-6744, CVE-2015-6745, CVE-2015-6746, and CVE-2015-6747 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-6742, CVE-2015-6743, CVE-2015-6744, CVE-2015-6745, CVE-2015-6746, CVE-2015-6747. Reason: This candidate originally combined multiple issues that have different vulnerability types and other complex abstraction issues. Notes: All CVE users should reference CVE-2015-6742, CVE-2015-6743, CVE-2015-6744, CVE-2015-6745, CVE-2015-6746, and CVE-2015-6747 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

130
2015/0xxx/CVE-2015-0982.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-0982", "ID": "CVE-2015-0982",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-071-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-071-01" "lang": "eng",
}, "value": "Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "http://download.schneider-electric.com/files?p_File_Id=755516404&p_File_Name=SEVD-2015-065-01+Pelco+DS-NVs+Video+Mgmt+SW.pdf", ]
"refsource" : "CONFIRM", },
"url" : "http://download.schneider-electric.com/files?p_File_Id=755516404&p_File_Name=SEVD-2015-065-01+Pelco+DS-NVs+Video+Mgmt+SW.pdf" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://download.schneider-electric.com/files?p_File_Id=755516404&p_File_Name=SEVD-2015-065-01+Pelco+DS-NVs+Video+Mgmt+SW.pdf",
"refsource": "CONFIRM",
"url": "http://download.schneider-electric.com/files?p_File_Id=755516404&p_File_Name=SEVD-2015-065-01+Pelco+DS-NVs+Video+Mgmt+SW.pdf"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-071-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-071-01"
}
]
}
}

120
2015/3xxx/CVE-2015-3968.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-3968", "ID": "CVE-2015-3968",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which makes it easier for remote attackers to read or write to files via a session on TCP port 21."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03" "lang": "eng",
} "value": "The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which makes it easier for remote attackers to read or write to files via a session on TCP port 21."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03"
}
]
}
}

120
2015/4xxx/CVE-2015-4408.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4408", "ID": "CVE-2015-4408",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the ISAPI issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.hikvision.com/En/Press-Release-details_435_i1023.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.hikvision.com/En/Press-Release-details_435_i1023.html" "lang": "eng",
} "value": "Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the ISAPI issue."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hikvision.com/En/Press-Release-details_435_i1023.html",
"refsource": "CONFIRM",
"url": "http://www.hikvision.com/En/Press-Release-details_435_i1023.html"
}
]
}
}

200
2015/4xxx/CVE-2015-4499.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-4499", "ID": "CVE-2015-4499",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary domain name by placing that name in a substring of an address, as demonstrated by truncation of an @mozilla.com.example.com address to an @mozilla.com address."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150910 Security Advisory for Bugzilla 5.0, 4.4.9, and 4.2.14", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2015/Sep/48" "lang": "eng",
}, "value": "Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary domain name by placing that name in a substring of an address, as demonstrated by truncation of an @mozilla.com.example.com address to an @mozilla.com address."
{ }
"name" : "20150910 Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15", ]
"refsource" : "BUGTRAQ", },
"url" : "http://seclists.org/bugtraq/2015/Sep/49" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/133578/Bugzilla-Unauthorized-Account-Creation.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/133578/Bugzilla-Unauthorized-Account-Creation.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bug1202447.bmoattachments.org/attachment.cgi?id=8657861", ]
"refsource" : "MISC", }
"url" : "https://bug1202447.bmoattachments.org/attachment.cgi?id=8657861" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202447", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1202447" "name": "FEDORA-2015-15768",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169946.html"
"name" : "FEDORA-2015-15767", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169983.html" "name": "1033542",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033542"
"name" : "FEDORA-2015-15768", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169946.html" "name": "20150910 Security Advisory for Bugzilla 5.0, 4.4.9, and 4.2.14",
}, "refsource": "BUGTRAQ",
{ "url": "http://seclists.org/bugtraq/2015/Sep/48"
"name" : "FEDORA-2015-15769", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168725.html" "name": "https://bug1202447.bmoattachments.org/attachment.cgi?id=8657861",
}, "refsource": "MISC",
{ "url": "https://bug1202447.bmoattachments.org/attachment.cgi?id=8657861"
"name" : "1033542", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033542" "name": "20150910 Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15",
} "refsource": "BUGTRAQ",
] "url": "http://seclists.org/bugtraq/2015/Sep/49"
} },
} {
"name": "http://packetstormsecurity.com/files/133578/Bugzilla-Unauthorized-Account-Creation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133578/Bugzilla-Unauthorized-Account-Creation.html"
},
{
"name": "FEDORA-2015-15769",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168725.html"
},
{
"name": "FEDORA-2015-15767",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169983.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202447",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1202447"
}
]
}
}

130
2015/4xxx/CVE-2015-4738.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4738", "ID": "CVE-2015-4738",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise HCM Candidate Gateway component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the PeopleSoft Enterprise HCM Candidate Gateway component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Security."
{ }
"name" : "1032917", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032917" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
},
{
"name": "1032917",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032917"
}
]
}
}

130
2015/4xxx/CVE-2015-4834.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4834", "ID": "CVE-2015-4834",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Zones."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Zones."
{ }
"name" : "1033881", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033881" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033881"
}
]
}
}

34
2015/4xxx/CVE-2015-4918.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-4918", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-4918",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8342.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8342", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8342",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }
} }

34
2015/8xxx/CVE-2015-8465.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8465", "ID": "CVE-2015-8465",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

210
2015/8xxx/CVE-2015-8612.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2015-8612", "ID": "CVE-2015-8612",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "46186", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/46186/" "lang": "eng",
}, "value": "The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument."
{ }
"name" : "[oss-security] 20151218 CVE request: Blueman: Privilege escalation in blueman dbus API", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/12/18/6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20151218 Re: CVE request: Blueman: Privilege escalation in blueman dbus API", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/12/19/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://twitter.com/thegrugq/status/677809527882813440", ]
"refsource" : "MISC", }
"url" : "https://twitter.com/thegrugq/status/677809527882813440" ]
}, },
{ "references": {
"name" : "http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html", "reference_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html" "name": "79688",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/79688"
"name" : "https://github.com/blueman-project/blueman/issues/416", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/blueman-project/blueman/issues/416" "name": "DSA-3427",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3427"
"name" : "https://github.com/blueman-project/blueman/releases/tag/2.0.3", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/blueman-project/blueman/releases/tag/2.0.3" "name": "46186",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/46186/"
"name" : "DSA-3427", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3427" "name": "SSA:2015-356-01",
}, "refsource": "SLACKWARE",
{ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.421085"
"name" : "SSA:2015-356-01", },
"refsource" : "SLACKWARE", {
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.421085" "name": "https://twitter.com/thegrugq/status/677809527882813440",
}, "refsource": "MISC",
{ "url": "https://twitter.com/thegrugq/status/677809527882813440"
"name" : "79688", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79688" "name": "[oss-security] 20151218 CVE request: Blueman: Privilege escalation in blueman dbus API",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2015/12/18/6"
} },
} {
"name": "https://github.com/blueman-project/blueman/issues/416",
"refsource": "CONFIRM",
"url": "https://github.com/blueman-project/blueman/issues/416"
},
{
"name": "[oss-security] 20151218 Re: CVE request: Blueman: Privilege escalation in blueman dbus API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/12/19/1"
},
{
"name": "http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135047/Slackware-Security-Advisory-blueman-Updates.html"
},
{
"name": "https://github.com/blueman-project/blueman/releases/tag/2.0.3",
"refsource": "CONFIRM",
"url": "https://github.com/blueman-project/blueman/releases/tag/2.0.3"
}
]
}
}

160
2015/8xxx/CVE-2015-8792.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8792", "ID": "CVE-2015-8792",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[matroska-users] 20151020 libEBML v1.3.3, libMatroska v1.4.4 released: important fixes", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html" "lang": "eng",
}, "value": "The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access."
{ }
"name" : "https://github.com/Matroska-Org/libmatroska/blob/release-1.4.4/ChangeLog", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/Matroska-Org/libmatroska/blob/release-1.4.4/ChangeLog" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/Matroska-Org/libmatroska/commit/0a2d3e3644a7453b6513db2f9bc270f77943573f", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/Matroska-Org/libmatroska/commit/0a2d3e3644a7453b6513db2f9bc270f77943573f" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3526", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3526" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:0125", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html" "name": "https://github.com/Matroska-Org/libmatroska/blob/release-1.4.4/ChangeLog",
} "refsource": "CONFIRM",
] "url": "https://github.com/Matroska-Org/libmatroska/blob/release-1.4.4/ChangeLog"
} },
} {
"name": "https://github.com/Matroska-Org/libmatroska/commit/0a2d3e3644a7453b6513db2f9bc270f77943573f",
"refsource": "CONFIRM",
"url": "https://github.com/Matroska-Org/libmatroska/commit/0a2d3e3644a7453b6513db2f9bc270f77943573f"
},
{
"name": "openSUSE-SU-2016:0125",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00035.html"
},
{
"name": "DSA-3526",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3526"
},
{
"name": "[matroska-users] 20151020 libEBML v1.3.3, libMatroska v1.4.4 released: important fixes",
"refsource": "MLIST",
"url": "http://lists.matroska.org/pipermail/matroska-users/2015-October/006985.html"
}
]
}
}

232
2015/9xxx/CVE-2015-9266.json
View File

@ -1,118 +1,118 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-9266", "ID": "CVE-2015-9266",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Ubiquiti airOS HTTP(S) unauthenticated arbitrary file upload" "TITLE": "Ubiquiti airOS HTTP(S) unauthenticated arbitrary file upload"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "This vulnerability was reported by 93c08539."
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "credit": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "This vulnerability was reported by 93c08539."
"name" : "39701", }
"refsource" : "EXPLOIT-DB", ],
"url" : "https://www.exploit-db.com/exploits/39701/" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name" : "39853", "description": {
"refsource" : "EXPLOIT-DB", "description_data": [
"url" : "https://www.exploit-db.com/exploits/39853/" {
}, "lang": "eng",
{ "value": "The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2."
"name" : "https://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940", }
"refsource" : "MISC", ]
"url" : "https://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940" },
}, "impact": {
{ "cvss": {
"name" : "https://hackerone.com/reports/73480", "attackComplexity": "LOW",
"refsource" : "MISC", "attackVector": "NETWORK",
"url" : "https://hackerone.com/reports/73480" "availabilityImpact": "HIGH",
}, "baseScore": 9.8,
{ "baseSeverity": "CRITICAL",
"name" : "https://www.rapid7.com/db/modules/exploit/linux/ssh/ubiquiti_airos_file_upload", "confidentialityImpact": "HIGH",
"refsource" : "MISC", "integrityImpact": "HIGH",
"url" : "https://www.rapid7.com/db/modules/exploit/linux/ssh/ubiquiti_airos_file_upload" "privilegesRequired": "NONE",
}, "scope": "UNCHANGED",
{ "userInteraction": "NONE",
"name" : "https://community.ubnt.com/t5/airMAX-Updates-Blog/Important-Security-Notice-and-airOS-5-6-5-Release/ba-p/1565949", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"refsource" : "CONFIRM", "version": "3.0"
"url" : "https://community.ubnt.com/t5/airMAX-Updates-Blog/Important-Security-Notice-and-airOS-5-6-5-Release/ba-p/1565949" }
}, },
{ "problemtype": {
"name" : "https://community.ubnt.com/t5/airMAX-Updates-Blog/Security-Release-for-airMAX-TOUGHSwitch-and-airGateway-Released/ba-p/1300494", "problemtype_data": [
"refsource" : "CONFIRM", {
"url" : "https://community.ubnt.com/t5/airMAX-Updates-Blog/Security-Release-for-airMAX-TOUGHSwitch-and-airGateway-Released/ba-p/1300494" "description": [
} {
] "lang": "eng",
}, "value": "n/a"
"source" : { }
"discovery" : "UNKNOWN" ]
} }
} ]
},
"references": {
"reference_data": [
{
"name": "https://www.rapid7.com/db/modules/exploit/linux/ssh/ubiquiti_airos_file_upload",
"refsource": "MISC",
"url": "https://www.rapid7.com/db/modules/exploit/linux/ssh/ubiquiti_airos_file_upload"
},
{
"name": "39701",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39701/"
},
{
"name": "https://hackerone.com/reports/73480",
"refsource": "MISC",
"url": "https://hackerone.com/reports/73480"
},
{
"name": "https://community.ubnt.com/t5/airMAX-Updates-Blog/Important-Security-Notice-and-airOS-5-6-5-Release/ba-p/1565949",
"refsource": "CONFIRM",
"url": "https://community.ubnt.com/t5/airMAX-Updates-Blog/Important-Security-Notice-and-airOS-5-6-5-Release/ba-p/1565949"
},
{
"name": "39853",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39853/"
},
{
"name": "https://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940",
"refsource": "MISC",
"url": "https://community.ubnt.com/t5/airMAX-General-Discussion/Virus-attack-URGENT-UBNT/td-p/1562940"
},
{
"name": "https://community.ubnt.com/t5/airMAX-Updates-Blog/Security-Release-for-airMAX-TOUGHSwitch-and-airGateway-Released/ba-p/1300494",
"refsource": "CONFIRM",
"url": "https://community.ubnt.com/t5/airMAX-Updates-Blog/Security-Release-for-airMAX-TOUGHSwitch-and-airGateway-Released/ba-p/1300494"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

150
2016/5xxx/CVE-2016-5176.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5176", "ID": "CVE-2016-5176",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 53.0.2785.113 allows remote attackers to bypass the SafeBrowsing protection mechanism via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://crbug.com/595838", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://crbug.com/595838" "lang": "eng",
}, "value": "Google Chrome before 53.0.2785.113 allows remote attackers to bypass the SafeBrowsing protection mechanism via unspecified vectors."
{ }
"name" : "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html", ]
"refsource" : "CONFIRM", },
"url" : "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1905", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1905.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "93234", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/93234" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://crbug.com/595838",
"refsource": "CONFIRM",
"url": "https://crbug.com/595838"
},
{
"name": "93234",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93234"
},
{
"name": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html",
"refsource": "CONFIRM",
"url": "https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html"
},
{
"name": "RHSA-2016:1905",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1905.html"
}
]
}
}

170
2016/5xxx/CVE-2016-5426.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5426", "ID": "CVE-2016-5426",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160909 PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/09/09/3" "lang": "eng",
}, "value": "PowerDNS (aka pdns) Authoritative Server before 3.4.10 allows remote attackers to cause a denial of service (backend CPU consumption) via a long qname."
{ }
"name" : "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/", ]
"refsource" : "CONFIRM", },
"url" : "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3664", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3664" ]
}, },
{ "references": {
"name" : "92917", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92917" "name": "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3"
"name" : "1036761", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036761" "name": "1036761",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1036761"
} },
} {
"name": "DSA-3664",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3664"
},
{
"name": "92917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92917"
},
{
"name": "[oss-security] 20160909 PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/09/3"
},
{
"name": "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/",
"refsource": "CONFIRM",
"url": "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/"
}
]
}
}

130
2016/5xxx/CVE-2016-5876.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5876", "ID": "CVE-2016-5876",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery app is enabled, allows remote attackers to download arbitrary images via a direct request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-010", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-010" "lang": "eng",
}, "value": "ownCloud server before 8.2.6 and 9.x before 9.0.3, when the gallery app is enabled, allows remote attackers to download arbitrary images via a direct request."
{ }
"name" : "95861", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95861" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95861",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95861"
},
{
"name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-010",
"refsource": "CONFIRM",
"url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-010"
}
]
}
}

164
2018/2xxx/CVE-2018-2383.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2383", "ID": "CVE-2018-2383",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP Internet Graphics Server", "product_name": "SAP Internet Graphics Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.20" "version_value": "7.20"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.20EXT" "version_value": "7.20EXT"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.45" "version_value": "7.45"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.49" "version_value": "7.49"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.53" "version_value": "7.53"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Reflected Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" "lang": "eng",
}, "value": "Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53."
{ }
"name" : "https://launchpad.support.sap.com/#/notes/2525222", ]
"refsource" : "CONFIRM", },
"url" : "https://launchpad.support.sap.com/#/notes/2525222" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Reflected Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2525222",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2525222"
},
{
"name": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
}
]
}
}

138
2018/2xxx/CVE-2018-2489.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2489", "ID": "CVE-2018-2489",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP Fiori Client", "product_name": "SAP Fiori Client",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "1.11.5" "version_value": "1.11.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP" "vendor_name": "SAP"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Authorization Check"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2691126", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2691126" "lang": "eng",
}, "value": "Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832", ]
"refsource" : "MISC", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832" "problemtype": {
} "problemtype_data": [
] {
}, "description": [
"source" : { {
"discovery" : "UNKNOWN" "lang": "eng",
} "value": "Missing Authorization Check"
} }
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2691126",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2691126"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

158
2018/2xxx/CVE-2018-2793.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2793", "ID": "CVE-2018-2793",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "PeopleSoft Enterprise PT PeopleTools", "product_name": "PeopleSoft Enterprise PT PeopleTools",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.54" "version_value": "8.54"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.55" "version_value": "8.55"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.56" "version_value": "8.56"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: PsAdmin). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PT PeopleTools executes to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PT PeopleTools accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PT PeopleTools executes to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PT PeopleTools accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: PsAdmin). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PT PeopleTools executes to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PT PeopleTools accessible data. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)."
{ }
"name" : "103899", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103899" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040701", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040701" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where PeopleSoft Enterprise PT PeopleTools executes to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PT PeopleTools accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "103899",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103899"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1040701",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040701"
}
]
}
}

278
2018/2xxx/CVE-2018-2813.json
View File

@ -1,141 +1,141 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2813", "ID": "CVE-2018-2813",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.5.59 and prior" "version_value": "5.5.59 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.6.39 and prior" "version_value": "5.6.39 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.21 and prior" "version_value": "5.7.21 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)."
{ }
"name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", ]
"refsource" : "CONFIRM", }
"url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" ]
}, },
{ "references": {
"name" : "DSA-4176", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4176" "name": "DSA-4341",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2018/dsa-4341"
"name" : "DSA-4341", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4341" "name": "1040698",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1040698"
"name" : "RHSA-2018:1254", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:1254" "name": "RHSA-2018:1254",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:1254"
"name" : "RHSA-2018:2439", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2439" "name": "https://security.netapp.com/advisory/ntap-20180419-0002/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20180419-0002/"
"name" : "RHSA-2018:2729", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2729" "name": "RHSA-2018:2729",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2729"
"name" : "RHSA-2018:3655", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3655" "name": "DSA-4176",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2018/dsa-4176"
"name" : "USN-3629-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3629-1/" "name": "103830",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/103830"
"name" : "USN-3629-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3629-2/" "name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html"
"name" : "USN-3629-3", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3629-3/" "name": "[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00020.html"
"name" : "103830", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103830" "name": "RHSA-2018:3655",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3655"
"name" : "1040698", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040698" "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
} "refsource": "CONFIRM",
] "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
} },
} {
"name": "RHSA-2018:2439",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2439"
},
{
"name": "USN-3629-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-1/"
},
{
"name": "USN-3629-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-2/"
},
{
"name": "USN-3629-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-3/"
}
]
}
}

34
2018/6xxx/CVE-2018-6026.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6026", "ID": "CVE-2018-6026",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/6xxx/CVE-2018-6200.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6200", "ID": "CVE-2018-6200",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://cxsecurity.com/issue/WLB-2018010251", "description_data": [
"refsource" : "MISC", {
"url" : "https://cxsecurity.com/issue/WLB-2018010251" "lang": "eng",
} "value": "vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cxsecurity.com/issue/WLB-2018010251",
"refsource": "MISC",
"url": "https://cxsecurity.com/issue/WLB-2018010251"
}
]
}
}

120
2018/6xxx/CVE-2018-6576.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6576", "ID": "CVE-2018-6576",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43949", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43949" "lang": "eng",
} "value": "SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43949",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43949"
}
]
}
}

34
2018/7xxx/CVE-2018-7451.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7451", "ID": "CVE-2018-7451",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/7xxx/CVE-2018-7626.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7626", "ID": "CVE-2018-7626",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0172.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0172", "ID": "CVE-2019-0172",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1057.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1057", "ID": "CVE-2019-1057",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1088.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1088", "ID": "CVE-2019-1088",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1797.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1797", "ID": "CVE-2019-1797",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1844.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1844", "ID": "CVE-2019-1844",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5081.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5081", "ID": "CVE-2019-5081",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5119.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5119", "ID": "CVE-2019-5119",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5168.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5168", "ID": "CVE-2019-5168",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5967.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5967", "ID": "CVE-2019-5967",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }