admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:17:58 +00:00
parent 41b102e6ed
commit 564138bbbb
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
44 changed files with 2712 additions and 2712 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
1999/0xxx/CVE-1999-0848.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0848", "ID": "CVE-1999-0848",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Denial of service in BIND named via consuming more than \"fdmax\" file descriptors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CSSA-1999-034.1", "description_data": [
"refsource" : "CALDERA", {
"url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt" "lang": "eng",
}, "value": "Denial of service in BIND named via consuming more than \"fdmax\" file descriptors."
{ }
"name" : "00194", ]
"refsource" : "SUN", },
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "788", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/788" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-1999-034.1",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt"
},
{
"name": "788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/788"
},
{
"name": "00194",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194"
}
]
}
} }

128
1999/0xxx/CVE-1999-0946.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0946", "ID": "CVE-1999-0946",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991102 Some holes for Win/UNIX softwares", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=94157187815629&w=2" "lang": "eng",
}, "value": "Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag."
{ }
"name" : "760", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/760" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991102 Some holes for Win/UNIX softwares",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94157187815629&w=2"
},
{
"name": "760",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/760"
}
]
}
} }

138
1999/1xxx/CVE-1999-1540.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1540", "ID": "CVE-1999-1540",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19991004", "description_data": [
"refsource" : "L0PHT", {
"url" : "http://www.atstake.com/research/advisories/1999/shell-lock.txt" "lang": "eng",
}, "value": "shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code."
{ }
"name" : "19991005 Cactus Software's shell-lock", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=93916168802365&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "cactus-shell-lock-retrieve-shell-code(3356)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3356" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "19991005 Cactus Software's shell-lock",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93916168802365&w=2"
},
{
"name": "19991004",
"refsource": "L0PHT",
"url": "http://www.atstake.com/research/advisories/1999/shell-lock.txt"
},
{
"name": "cactus-shell-lock-retrieve-shell-code(3356)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3356"
}
]
}
} }

158
2005/2xxx/CVE-2005-2092.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2092", "ID": "CVE-2005-2092",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes WebLogic to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/lists/bugtraq/2005/Jun/0025.html" "lang": "eng",
}, "value": "BEA Systems WebLogic 8.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes WebLogic to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\""
{ }
"name" : "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.securiteam.com/securityreviews/5GP0220G0U.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/securityreviews/5GP0220G0U.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1014366", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1014366" ]
}, },
{ "references": {
"name" : "bea-weblogic-hrs(42901)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42901" "name": "1014366",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1014366"
} },
{
"name": "bea-weblogic-hrs(42901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42901"
},
{
"name": "http://www.securiteam.com/securityreviews/5GP0220G0U.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securityreviews/5GP0220G0U.html"
},
{
"name": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf",
"refsource": "MISC",
"url": "http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf"
},
{
"name": "20050606 A new whitepaper by Watchfire - HTTP Request Smuggling",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2005/Jun/0025.html"
}
]
}
} }

188
2005/2xxx/CVE-2005-2717.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2005-2717", "ID": "CVE-2005-2717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=350336", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=350336" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in WebCalendar before 1.0.1 allows remote attackers to execute arbitrary PHP code when opening settings.php, possibly via send_reminders.php or other scripts."
{ }
"name" : "DSA-799", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2005/dsa-799" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "14651", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14651" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2005-1513", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2005/1513" ]
}, },
{ "references": {
"name" : "1014849", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1014849" "name": "ADV-2005-1513",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/1513"
"name" : "16528", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16528" "name": "16675",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16675"
"name" : "16675", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16675" "name": "1014849",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1014849"
"name" : "webcalendar-includedir-file-include(22136)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22136" "name": "webcalendar-includedir-file-include(22136)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22136"
} },
{
"name": "DSA-799",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-799"
},
{
"name": "14651",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14651"
},
{
"name": "16528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16528"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=350336",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=350336"
}
]
}
} }

218
2005/3xxx/CVE-2005-3565.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3565", "ID": "CVE-2005-3565",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in \"Trusted Mode\" allows remote attackers to gain unauthorized system access via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBUX02072", "description_data": [
"refsource" : "HP", {
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00543854" "lang": "eng",
}, "value": "Unknown vulnerability in remshd daemon in HP-UX B.11.00, B.11.11, and B.11.23 while running in \"Trusted Mode\" allows remote attackers to gain unauthorized system access via unknown attack vectors."
{ }
"name" : "SSRT051014", ]
"refsource" : "HP", },
"url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00543854" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "15366", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15366" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2005-2358", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2005/2358" ]
}, },
{ "references": {
"name" : "20679", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/20679" "name": "oval:org.mitre.oval:def:1151",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1151"
"name" : "oval:org.mitre.oval:def:1151", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1151" "name": "hpux-remshd-bypass-security(23036)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23036"
"name" : "oval:org.mitre.oval:def:1576", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1576" "name": "oval:org.mitre.oval:def:1576",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1576"
"name" : "oval:org.mitre.oval:def:766", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A766" "name": "ADV-2005-2358",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/2358"
"name" : "1015173", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1015173" "name": "HPSBUX02072",
}, "refsource": "HP",
{ "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00543854"
"name" : "17507", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17507" "name": "oval:org.mitre.oval:def:766",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A766"
"name" : "hpux-remshd-bypass-security(23036)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23036" "name": "17507",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/17507"
} },
{
"name": "20679",
"refsource": "OSVDB",
"url": "http://osvdb.org/20679"
},
{
"name": "SSRT051014",
"refsource": "HP",
"url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00543854"
},
{
"name": "15366",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15366"
},
{
"name": "1015173",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015173"
}
]
}
} }

32
2007/5xxx/CVE-2007-5874.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5874", "ID": "CVE-2007-5874",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2009/2xxx/CVE-2009-2035.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2035", "ID": "CVE-2009-2035",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/487784", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/487784" "lang": "eng",
}, "value": "Unspecified vulnerability in Services 6.x before 6.x-0.14, a module for Drupal, when key-based access is enabled, allows remote attackers to read or add keys and access unauthorized services via unspecified vectors."
{ }
"name" : "http://drupal.org/node/488004", ]
"refsource" : "CONFIRM", },
"url" : "http://drupal.org/node/488004" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35292", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35292" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "54999", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/54999" ]
}, },
{ "references": {
"name" : "33371", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/33371" "name": "54999",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/54999"
} },
{
"name": "http://drupal.org/node/488004",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/488004"
},
{
"name": "http://drupal.org/node/487784",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/487784"
},
{
"name": "33371",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33371"
},
{
"name": "35292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35292"
}
]
}
} }

128
2009/2xxx/CVE-2009-2101.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2101", "ID": "CVE-2009-2101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in archive.php in TorrentVolve 1.4, when register_globals is enabled, allows remote attackers to delete arbitrary files via a .. (dot dot) in the deleteTorrent parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8931", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8931" "lang": "eng",
}, "value": "Directory traversal vulnerability in archive.php in TorrentVolve 1.4, when register_globals is enabled, allows remote attackers to delete arbitrary files via a .. (dot dot) in the deleteTorrent parameter."
{ }
"name" : "torrentvolve-deletetorrent-dir-traversal(51088)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51088" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "torrentvolve-deletetorrent-dir-traversal(51088)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51088"
},
{
"name": "8931",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8931"
}
]
}
} }

148
2009/2xxx/CVE-2009-2451.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2451", "ID": "CVE-2009-2451",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20090428 MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/503046/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in index.php in MIM:InfiniX 1.2.003 and possibly earlier versions allow remote attackers to execute arbitrary SQL commands via the (1) month and (2) year parameters in a calendar action, or (3) a search term in the search form."
{ }
"name" : "20090514 Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/503480" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "8558", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/8558" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34750", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/34750" ]
} },
] "references": {
} "reference_data": [
{
"name": "34750",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34750"
},
{
"name": "20090428 MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503046/100/0/threaded"
},
{
"name": "20090514 Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503480"
},
{
"name": "8558",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/8558"
}
]
}
} }

198
2009/3xxx/CVE-2009-3468.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3468", "ID": "CVE-2009-3468",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC) policy via unknown vectors, related to a menu typo and the Style Manager."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126365-15-1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126365-15-1" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC) policy via unknown vectors, related to a menu typo and the Style Manager."
{ }
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139620-01-1", ]
"refsource" : "CONFIRM", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139620-01-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "267488", "description": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-267488-1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36510", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/36510" ]
}, },
{ "references": {
"name" : "58319", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/58319" "name": "58319",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/58319"
"name" : "1022943", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1022943" "name": "1022943",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1022943"
"name" : "36822", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/36822" "name": "36510",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/36510"
"name" : "ADV-2009-2756", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/2756" "name": "267488",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-267488-1"
"name" : "cde-mac-priv-escalation(53461)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/53461" "name": "ADV-2009-2756",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2009/2756"
} },
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139620-01-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-139620-01-1"
},
{
"name": "cde-mac-priv-escalation(53461)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53461"
},
{
"name": "36822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36822"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126365-15-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-126365-15-1"
}
]
}
} }

148
2009/3xxx/CVE-2009-3862.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3862", "ID": "CVE-2009-3862",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-09-075/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-09-075/" "lang": "eng",
}, "value": "The NDSD process in Novell eDirectory 8.7.3 before 8.7.3.10 ftf2 and eDirectory 8.8 before 8.8.5 ftf1 does not properly handle certain LDAP search requests, which allows remote attackers to cause a denial of service (application hang) via a search request with a NULL BaseDN value."
{ }
"name" : "http://www.novell.com/support/viewContent.do?externalId=7004721", ]
"refsource" : "CONFIRM", },
"url" : "http://www.novell.com/support/viewContent.do?externalId=7004721" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36902", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36902" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2009-3120", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2009/3120" ]
} },
] "references": {
} "reference_data": [
{
"name": "http://www.novell.com/support/viewContent.do?externalId=7004721",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7004721"
},
{
"name": "ADV-2009-3120",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3120"
},
{
"name": "36902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36902"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-075/"
}
]
}
} }

118
2015/0xxx/CVE-2015-0140.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-0140", "ID": "CVE-2015-0140",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21697746", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21697746" "lang": "eng",
} "value": "An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21697746",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697746"
}
]
}
} }

138
2015/0xxx/CVE-2015-0162.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-0162", "ID": "CVE-2015-0162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21700012", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21700012" "lang": "eng",
}, "value": "IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges."
{ }
"name" : "74038", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74038" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ibm-siteprotector-cve20150162-priv-esc(100865)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100865" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "74038",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74038"
},
{
"name": "https://www-01.ibm.com/support/docview.wss?uid=swg21700012",
"refsource": "CONFIRM",
"url": "https://www-01.ibm.com/support/docview.wss?uid=swg21700012"
},
{
"name": "ibm-siteprotector-cve20150162-priv-esc(100865)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100865"
}
]
}
} }

138
2015/0xxx/CVE-2015-0399.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-0399", "ID": "CVE-2015-0399",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 10.1.3.4.2 and 11.1.1.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Analytics Web General."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 10.1.3.4.2 and 11.1.1.7 allows remote authenticated users to affect confidentiality via unknown vectors related to Analytics Web General."
{ }
"name" : "72204", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/72204" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "62475", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62475" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "62475",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62475"
},
{
"name": "72204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72204"
}
]
}
} }

118
2015/0xxx/CVE-2015-0628.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0628", "ID": "CVE-2015-0628",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The proxy engine on Cisco Web Security Appliance (WSA) devices allows remote attackers to bypass intended proxying restrictions via a malformed HTTP method, aka Bug ID CSCus79174."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150219 Cisco Web Security Appliance HTTP Proxy Bypass Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0628" "lang": "eng",
} "value": "The proxy engine on Cisco Web Security Appliance (WSA) devices allows remote attackers to bypass intended proxying restrictions via a malformed HTTP method, aka Bug ID CSCus79174."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150219 Cisco Web Security Appliance HTTP Proxy Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0628"
}
]
}
} }

128
2015/0xxx/CVE-2015-0688.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0688", "ID": "CVE-2015-0688",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150403 Cisco ASR1000 Series Routers ESP Module Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=38210" "lang": "eng",
}, "value": "Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NAT is enabled, allows remote attackers to cause a denial of service (module crash) via malformed H.323 packets, aka Bug ID CSCup21070."
{ }
"name" : "1032023", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032023" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032023",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032023"
},
{
"name": "20150403 Cisco ASR1000 Series Routers ESP Module Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38210"
}
]
}
} }

128
2015/1xxx/CVE-2015-1629.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-1629", "ID": "CVE-2015-1629",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka \"ExchangeDLP Cross Site Scripting Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-026", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-026" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka \"ExchangeDLP Cross Site Scripting Vulnerability.\""
{ }
"name" : "1031900", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1031900" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-026",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-026"
},
{
"name": "1031900",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031900"
}
]
}
} }

148
2015/1xxx/CVE-2015-1923.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-1923", "ID": "CVE-2015-1923",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-264", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-264" "lang": "eng",
}, "value": "Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21959398", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21959398" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75445", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75445" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1032773", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1032773" ]
} },
] "references": {
} "reference_data": [
{
"name": "1032773",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032773"
},
{
"name": "75445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75445"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-264",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-264"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21959398",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21959398"
}
]
}
} }

178
2015/4xxx/CVE-2015-4357.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4357", "ID": "CVE-2015-4357",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.22, 7.x-3.x before 7.x-3.22, and 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title, which is used as the default title of a webform block."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150322 CVE requests for Drupal contributed modules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/03/22/35" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.22, 7.x-3.x before 7.x-3.22, and 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a node title, which is used as the default title of a webform block."
{ }
"name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2445935", "description": [
"refsource" : "MISC", {
"url" : "https://www.drupal.org/node/2445935" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.drupal.org/node/2445291", ]
"refsource" : "CONFIRM", }
"url" : "https://www.drupal.org/node/2445291" ]
}, },
{ "references": {
"name" : "https://www.drupal.org/node/2445295", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2445295" "name": "https://www.drupal.org/node/2445295",
}, "refsource": "CONFIRM",
{ "url": "https://www.drupal.org/node/2445295"
"name" : "https://www.drupal.org/node/2445297", },
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2445297" "name": "[oss-security] 20150322 CVE requests for Drupal contributed modules",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2015/03/22/35"
"name" : "72993", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72993" "name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2015/04/25/6"
} },
{
"name": "https://www.drupal.org/node/2445297",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2445297"
},
{
"name": "72993",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72993"
},
{
"name": "https://www.drupal.org/node/2445291",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2445291"
},
{
"name": "https://www.drupal.org/node/2445935",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2445935"
}
]
}
} }

138
2015/4xxx/CVE-2015-4541.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2015-4541", "ID": "CVE-2015-4541",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150923 ESA-2015-142: RSA Archer GRC Platform Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2015/Sep/105" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033649", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033649" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133682/RSA-Archer-GRC-5.5.3-XSS-Improper-Authorization-Information-Disclosure.html"
},
{
"name": "20150923 ESA-2015-142: RSA Archer GRC Platform Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Sep/105"
},
{
"name": "1033649",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033649"
}
]
}
} }

128
2015/4xxx/CVE-2015-4586.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4586", "ID": "CVE-2015-4586",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to password.cmd."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/132324/CellPipe-7130-Cross-Site-Request-Forgery.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132324/CellPipe-7130-Cross-Site-Request-Forgery.html" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for requests that create a user account via an add_user action in a request to password.cmd."
{ }
"name" : "75384", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75384" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75384",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75384"
},
{
"name": "http://packetstormsecurity.com/files/132324/CellPipe-7130-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132324/CellPipe-7130-Cross-Site-Request-Forgery.html"
}
]
}
} }

128
2015/4xxx/CVE-2015-4587.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4587", "ID": "CVE-2015-4587",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPipe 7130 router with firmware 1.0.0.20h.HOL allows remote attackers to inject arbitrary web script or HTML via the \"Custom application\" field in the \"port triggering\" menu."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/132327/CellPipe-7130-Cross-Site-Scripting.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132327/CellPipe-7130-Cross-Site-Scripting.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPipe 7130 router with firmware 1.0.0.20h.HOL allows remote attackers to inject arbitrary web script or HTML via the \"Custom application\" field in the \"port triggering\" menu."
{ }
"name" : "75305", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75305" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75305",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75305"
},
{
"name": "http://packetstormsecurity.com/files/132327/CellPipe-7130-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132327/CellPipe-7130-Cross-Site-Scripting.html"
}
]
}
} }

148
2015/4xxx/CVE-2015-4671.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4671", "ID": "CVE-2015-4671",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the zone_id parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160108 OpenCart Security Advisory - XSS Vulnerabiltiy - CVE-2015-4671", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Jan/17" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the zone_id parameter to index.php."
{ }
"name" : "http://packetstormsecurity.com/files/135163/OpenCart-2.1.0.1-Cross-Site-Scripting.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/135163/OpenCart-2.1.0.1-Cross-Site-Scripting.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/opencart/opencart/commit/303fa88fe664ded4bf8753b997abd916f0a3c03f", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/opencart/opencart/commit/303fa88fe664ded4bf8753b997abd916f0a3c03f" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/opencart/opencart/releases/tag/2.1.0.2", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/opencart/opencart/releases/tag/2.1.0.2" ]
} },
] "references": {
} "reference_data": [
{
"name": "20160108 OpenCart Security Advisory - XSS Vulnerabiltiy - CVE-2015-4671",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/17"
},
{
"name": "http://packetstormsecurity.com/files/135163/OpenCart-2.1.0.1-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135163/OpenCart-2.1.0.1-Cross-Site-Scripting.html"
},
{
"name": "https://github.com/opencart/opencart/releases/tag/2.1.0.2",
"refsource": "CONFIRM",
"url": "https://github.com/opencart/opencart/releases/tag/2.1.0.2"
},
{
"name": "https://github.com/opencart/opencart/commit/303fa88fe664ded4bf8753b997abd916f0a3c03f",
"refsource": "CONFIRM",
"url": "https://github.com/opencart/opencart/commit/303fa88fe664ded4bf8753b997abd916f0a3c03f"
}
]
}
} }

128
2015/4xxx/CVE-2015-4874.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4874", "ID": "CVE-2015-4874",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen."
{ }
"name" : "1033897", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033897" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033897",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033897"
}
]
}
} }

148
2015/8xxx/CVE-2015-8975.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8975", "ID": "CVE-2015-8975",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the error handler in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the error handler in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "94397", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94397" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/",
"refsource": "CONFIRM",
"url": "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/"
},
{
"name": "94397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94397"
},
{
"name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/1"
},
{
"name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/10/8"
}
]
}
} }

138
2016/5xxx/CVE-2016-5334.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5334", "ID": "CVE-2016-5334",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vmware.com/security/advisories/VMSA-2016-0021.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2016-0021.html" "lang": "eng",
}, "value": "VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors."
{ }
"name" : "94482", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94482" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037326", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037326" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1037326",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037326"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2016-0021.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2016-0021.html"
},
{
"name": "94482",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94482"
}
]
}
} }

166
2018/1002xxx/CVE-2018-1002206.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "report@snyk.io",
"DATE_ASSIGNED" : "2018-05-17T10:52Z", "DATE_ASSIGNED": "2018-05-17T10:52Z",
"ID" : "CVE-2018-1002206", "ID": "CVE-2018-1002206",
"REQUESTER" : "danny@snyk.io", "REQUESTER": "danny@snyk.io",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"UPDATED" : "2018-05-17T10:52Z" "UPDATED": "2018-05-17T10:52Z"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SharpCompress", "product_name": "SharpCompress",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "0.21.0" "version_value": "0.21.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SharpCompress" "vendor_name": "SharpCompress"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-22"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/snyk/zip-slip-vulnerability", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/snyk/zip-slip-vulnerability" "lang": "eng",
}, "value": "SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'."
{ }
"name" : "https://snyk.io/research/zip-slip-vulnerability", ]
"refsource" : "MISC", },
"url" : "https://snyk.io/research/zip-slip-vulnerability" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-60246", "description": [
"refsource" : "MISC", {
"url" : "https://snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-60246" "lang": "eng",
}, "value": "CWE-22"
{ }
"name" : "https://github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6" ]
}, },
{ "references": {
"name" : "https://github.com/adamhathcock/sharpcompress/pull/374", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/adamhathcock/sharpcompress/pull/374" "name": "https://snyk.io/research/zip-slip-vulnerability",
} "refsource": "MISC",
] "url": "https://snyk.io/research/zip-slip-vulnerability"
} },
{
"name": "https://snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-60246",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-DOTNET-SHARPCOMPRESS-60246"
},
{
"name": "https://github.com/snyk/zip-slip-vulnerability",
"refsource": "MISC",
"url": "https://github.com/snyk/zip-slip-vulnerability"
},
{
"name": "https://github.com/adamhathcock/sharpcompress/pull/374",
"refsource": "CONFIRM",
"url": "https://github.com/adamhathcock/sharpcompress/pull/374"
},
{
"name": "https://github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6",
"refsource": "CONFIRM",
"url": "https://github.com/adamhathcock/sharpcompress/commit/42b1205fb435de523e6ef8ac5b7bafbe712997f6"
}
]
}
} }

134
2018/1999xxx/CVE-2018-1999024.json
View File

@ -1,70 +1,70 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2018-07-22T01:05:34.781792", "DATE_ASSIGNED": "2018-07-22T01:05:34.781792",
"DATE_REQUESTED" : "2018-07-21T09:23:02", "DATE_REQUESTED": "2018-07-21T09:23:02",
"ID" : "CVE-2018-1999024", "ID": "CVE-2018-1999024",
"REQUESTER" : "thomas@kluyver.me.uk", "REQUESTER": "thomas@kluyver.me.uk",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MathJax", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to version 2.7.4" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "MathJax" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the \\unicode{} macro that can result in Potentially untrusted Javascript running within a web browser. This attack appear to be exploitable via The victim must view a page where untrusted content is processed using Mathjax. This vulnerability appears to have been fixed in 2.7.4 and later."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html" "lang": "eng",
}, "value": "MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the \\unicode{} macro that can result in Potentially untrusted Javascript running within a web browser. This attack appear to be exploitable via The victim must view a page where untrusted content is processed using Mathjax. This vulnerability appears to have been fixed in 2.7.4 and later."
{ }
"name" : "https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1",
"refsource": "CONFIRM",
"url": "https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1"
},
{
"name": "https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html",
"refsource": "MISC",
"url": "https://blog.bentkowski.info/2018/06/xss-in-google-colaboratory-csp-bypass.html"
}
]
}
} }

32
2018/2xxx/CVE-2018-2093.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2093", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-2093",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

180
2018/2xxx/CVE-2018-2776.json
View File

@ -1,93 +1,93 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2776", "ID": "CVE-2018-2776",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.21 and prior" "version_value": "5.7.21 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180419-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20180419-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2018:3655", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3655" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "USN-3629-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3629-1/" ]
}, },
{ "references": {
"name" : "USN-3629-3", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3629-3/" "name": "1040698",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1040698"
"name" : "103791", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103791" "name": "https://security.netapp.com/advisory/ntap-20180419-0002/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20180419-0002/"
"name" : "1040698", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040698" "name": "RHSA-2018:3655",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2018:3655"
} },
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103791"
},
{
"name": "USN-3629-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-1/"
},
{
"name": "USN-3629-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-3/"
}
]
}
} }

128
2018/6xxx/CVE-2018-6622.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6622", "ID": "CVE-2018-6622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 sleep and can clear TPM 2.0. It allows local users to overwrite static PCRs of TPM and neutralize the security features of it, such as seal/unseal and remote attestation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.usenix.org/conference/usenixsecurity18/presentation/han", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.usenix.org/conference/usenixsecurity18/presentation/han" "lang": "eng",
}, "value": "An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0 specification. An abnormal case is not handled properly by this firmware while S3 sleep and can clear TPM 2.0. It allows local users to overwrite static PCRs of TPM and neutralize the security features of it, such as seal/unseal and remote attestation."
{ }
"name" : "105203", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105203" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105203",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105203"
},
{
"name": "https://www.usenix.org/conference/usenixsecurity18/presentation/han",
"refsource": "MISC",
"url": "https://www.usenix.org/conference/usenixsecurity18/presentation/han"
}
]
}
} }

32
2018/6xxx/CVE-2018-6652.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6652", "ID": "CVE-2018-6652",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2018/6xxx/CVE-2018-6780.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6780", "ID": "CVE-2018-6780",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A0081E4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A0081E4", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A0081E4" "lang": "eng",
} "value": "In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A0081E4."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A0081E4",
"refsource": "MISC",
"url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Jiangmin_Antivirus_POC/tree/master/KSysCall_9A0081E4"
}
]
}
} }

32
2018/7xxx/CVE-2018-7006.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-7006", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-7006",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }
} }

128
2018/7xxx/CVE-2018-7274.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7274", "ID": "CVE-2018-7274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scripting vulnerabilities: Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/YABhq/Quarx/issues/116", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/YABhq/Quarx/issues/116" "lang": "eng",
}, "value": "Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scripting vulnerabilities: Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name)."
{ }
"name" : "103081", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103081" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103081"
},
{
"name": "https://github.com/YABhq/Quarx/issues/116",
"refsource": "MISC",
"url": "https://github.com/YABhq/Quarx/issues/116"
}
]
}
} }

148
2018/7xxx/CVE-2018-7326.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-7326", "ID": "CVE-2018-7326",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419" "lang": "eng",
}, "value": "In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type."
{ }
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=293b999425e998d6cde0d9149648e421ea7687d0", ]
"refsource" : "CONFIRM", },
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=293b999425e998d6cde0d9149648e421ea7687d0" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.wireshark.org/security/wnpa-sec-2018-06.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.wireshark.org/security/wnpa-sec-2018-06.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "103158", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/103158" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://www.wireshark.org/security/wnpa-sec-2018-06.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2018-06.html"
},
{
"name": "103158",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103158"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14419"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=293b999425e998d6cde0d9149648e421ea7687d0",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=293b999425e998d6cde0d9149648e421ea7687d0"
}
]
}
} }

120
2018/7xxx/CVE-2018-7767.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cybersecurity@se.com", "ASSIGNER": "cybersecurity@schneider-electric.com",
"DATE_PUBLIC" : "2018-04-05T00:00:00", "DATE_PUBLIC": "2018-04-05T00:00:00",
"ID" : "CVE-2018-7767", "ID": "CVE-2018-7767",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "U.Motion", "product_name": "U.Motion",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "U.motion Builder Software, all versions prior to v1.3.4" "version_value": "U.motion Builder Software, all versions prior to v1.3.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Schneider Electric SE" "vendor_name": "Schneider Electric SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the type input parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/" "lang": "eng",
} "value": "The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the type input parameter."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/"
}
]
}
} }

128
2018/7xxx/CVE-2018-7811.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cybersecurity@se.com", "ASSIGNER": "cybersecurity@schneider-electric.com",
"ID" : "CVE-2018-7811", "ID": "CVE-2018-7811",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Embedded Web Servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200", "product_name": "Embedded Web Servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Embedded Web Servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200" "version_value": "Embedded Web Servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Schneider Electric SE" "vendor_name": "Schneider Electric SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unverified Password Change"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.tenable.com/security/research/tra-2018-38", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.tenable.com/security/research/tra-2018-38" "lang": "eng",
}, "value": "An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server"
{ }
"name" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Unverified Password Change"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2018-38",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2018-38"
},
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-327-01/"
}
]
}
} }

32
2019/1xxx/CVE-2019-1076.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1076", "ID": "CVE-2019-1076",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5051.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5051", "ID": "CVE-2019-5051",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5149.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5149", "ID": "CVE-2019-5149",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5366.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5366", "ID": "CVE-2019-5366",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/5xxx/CVE-2019-5680.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5680", "ID": "CVE-2019-5680",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }