admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:33:45 +00:00
parent 5ece8bf1e0
commit 56cc31f97e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 2991 additions and 2991 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2007/0xxx/CVE-2007-0191.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0191",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0191",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote attackers to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in admin.php in MKPortal allows remote attackers to inject arbitrary web script or HTML via two certain fields in a contents_new operation in the ad_contents section."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070105 MkPortal Admin XSS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/456042/100/100/threaded"
"name": "20070105 MkPortal Admin XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456042/100/100/threaded"
},
{
"name" : "33399",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33399"
"name": "mkportal-admin-xss(31304)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31304"
},
{
"name" : "2138",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2138"
"name": "2138",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2138"
},
{
"name" : "mkportal-admin-xss(31304)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31304"
"name": "33399",
"refsource": "OSVDB",
"url": "http://osvdb.org/33399"
}
]
}

86
2007/1xxx/CVE-2007-1121.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1121",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1121",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 allow remote attackers to execute arbitrary SQL commands via the id parameter to the (1) updateRow and (2) deleteRow functions in functions.php. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Mathis Dirksen-Thedens ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 allow remote attackers to execute arbitrary SQL commands via the id parameter to the (1) updateRow and (2) deleteRow functions in functions.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=488406",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=488406"
"name": "22685",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22685"
},
{
"name" : "22685",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22685"
"name": "ADV-2007-0715",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0715"
},
{
"name" : "ADV-2007-0715",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0715"
"name": "http://sourceforge.net/project/shownotes.php?release_id=488406",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=488406"
},
{
"name" : "24269",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24269"
"name": "24269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24269"
},
{
"name" : "zephyrsoft-id-sql-injection(32665)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32665"
"name": "zephyrsoft-id-sql-injection(32665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32665"
}
]
}

92
2007/1xxx/CVE-2007-1630.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1630",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1630",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote attackers to execute arbitrary SQL commands via the catid parameter."
"lang": "eng",
"value": "SQL injection vulnerability in default.asp in ActiveWebSoftwares Active Link Engine allows remote attackers to execute arbitrary SQL commands via the catid parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "3534",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3534"
"name": "3534",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3534"
},
{
"name" : "23080",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23080"
"name": "active-link-default-sql-injection(33111)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33111"
},
{
"name" : "ADV-2007-1071",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1071"
"name": "ADV-2007-1071",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1071"
},
{
"name" : "34364",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34364"
"name": "34364",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34364"
},
{
"name" : "24574",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24574"
"name": "23080",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23080"
},
{
"name" : "active-link-default-sql-injection(33111)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33111"
"name": "24574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24574"
}
]
}

152
2007/1xxx/CVE-2007-1748.json
View File

@ -1,136 +1,136 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1748",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2007-1748",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences."
"lang": "eng",
"value": "Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070415 Re: [exploits] RPC vuln in DNS Server (fwd)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/465863/100/100/threaded"
"name": "24871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24871"
},
{
"name" : "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx",
"refsource" : "MISC",
"url" : "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx"
"name": "HPSBST02214",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb",
"refsource" : "MISC",
"url" : "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb"
"name": "SSRT071422",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
},
{
"name" : "http://www.microsoft.com/technet/security/advisory/935964.mspx",
"refsource" : "CONFIRM",
"url" : "http://www.microsoft.com/technet/security/advisory/935964.mspx"
"name": "20070415 Re: [exploits] RPC vuln in DNS Server (fwd)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465863/100/100/threaded"
},
{
"name" : "HPSBST02214",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "http://www.microsoft.com/technet/security/advisory/935964.mspx",
"refsource": "CONFIRM",
"url": "http://www.microsoft.com/technet/security/advisory/935964.mspx"
},
{
"name" : "SSRT071422",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name": "TA07-128A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
},
{
"name" : "MS07-029",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-029"
"name": "23470",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23470"
},
{
"name" : "TA07-103A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-103A.html"
"name": "win-dns-rpc-bo(33629)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33629"
},
{
"name" : "TA07-128A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
"name": "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx",
"refsource": "MISC",
"url": "http://blogs.technet.com/msrc/archive/2007/04/12/microsoft-security-advisory-935964-posted.aspx"
},
{
"name" : "VU#555920",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/555920"
"name": "1017910",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017910"
},
{
"name" : "23470",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23470"
"name": "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb",
"refsource": "MISC",
"url": "http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/dcerpc/msdns_zonename.rb"
},
{
"name" : "ADV-2007-1366",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1366"
"name": "ADV-2007-1366",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1366"
},
{
"name" : "oval:org.mitre.oval:def:1228",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1228"
"name": "oval:org.mitre.oval:def:1228",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1228"
},
{
"name" : "1017910",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017910"
"name": "TA07-103A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-103A.html"
},
{
"name" : "24871",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24871"
"name": "VU#555920",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/555920"
},
{
"name" : "win-dns-rpc-bo(33629)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33629"
"name": "MS07-029",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-029"
}
]
}

104
2007/1xxx/CVE-2007-1902.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1902",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1902",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in SonicBB 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) part and (2) by parameters to (a) search.php, or the (2) id parameter to (b) viewforum.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/468536/100/0/threaded"
"name": "sonicbb-search-sql-injection(34258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34258"
},
{
"name" : "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=117914598917534&w=2"
"name": "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=117914598917534&w=2"
},
{
"name" : "http://www.netvigilance.com/advisory0019",
"refsource" : "MISC",
"url" : "http://www.netvigilance.com/advisory0019"
"name": "http://www.netvigilance.com/advisory0019",
"refsource": "MISC",
"url": "http://www.netvigilance.com/advisory0019"
},
{
"name" : "23964",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23964"
"name": "ADV-2007-1816",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1816"
},
{
"name" : "ADV-2007-1816",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1816"
"name": "20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468536/100/0/threaded"
},
{
"name" : "33907",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/33907"
"name": "25279",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25279"
},
{
"name" : "25279",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25279"
"name": "23964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23964"
},
{
"name" : "sonicbb-search-sql-injection(34258)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34258"
"name": "33907",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33907"
}
]
}

74
2007/3xxx/CVE-2007-3173.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3173",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3173",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters."
"lang": "eng",
"value": "Almnzm allows remote attackers to obtain sensitive information via an activateorder request to index.php with an invalid orderid parameter, probably related to '[' and ']' characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070529 Full Path Disclosure in Almnzm",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/469911/100/0/threaded"
"name": "20070529 Full Path Disclosure in Almnzm",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/469911/100/0/threaded"
},
{
"name" : "38338",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38338"
"name": "38338",
"refsource": "OSVDB",
"url": "http://osvdb.org/38338"
},
{
"name" : "almnzm-orderid-information-disclosure(34574)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34574"
"name": "almnzm-orderid-information-disclosure(34574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34574"
}
]
}

182
2007/3xxx/CVE-2007-3410.json
View File

@ -1,161 +1,161 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3410",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3410",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
"lang": "eng",
"value": "Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code via an SMIL (SMIL2) file with a long wallclock value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
"name": "http://service.real.com/realplayer/security/10252007_player/en/",
"refsource": "CONFIRM",
"url": "http://service.real.com/realplayer/security/10252007_player/en/"
},
{
"name" : "http://service.real.com/realplayer/security/10252007_player/en/",
"refsource" : "CONFIRM",
"url" : "http://service.real.com/realplayer/security/10252007_player/en/"
"name": "oval:org.mitre.oval:def:10554",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
},
{
"name" : "GLSA-200709-05",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200709-05.xml"
"name": "20070626 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=547"
},
{
"name" : "RHSA-2007:0605",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
"name": "26463",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26463"
},
{
"name" : "RHSA-2007:0841",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
"name": "GLSA-200709-05",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200709-05.xml"
},
{
"name" : "VU#770904",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/770904"
"name": "24658",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24658"
},
{
"name" : "20071030 RealPlayer Updates of October 25, 2007",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
"name": "ADV-2007-2339",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2339"
},
{
"name" : "24658",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24658"
"name": "realplayer-smiltime-wallclockvalue-bo(35088)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
},
{
"name" : "38342",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38342"
"name": "RHSA-2007:0841",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0841.html"
},
{
"name" : "oval:org.mitre.oval:def:10554",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10554"
"name": "26828",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26828"
},
{
"name" : "ADV-2007-2339",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2339"
"name": "38342",
"refsource": "OSVDB",
"url": "http://osvdb.org/38342"
},
{
"name" : "ADV-2007-3628",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3628"
"name": "VU#770904",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/770904"
},
{
"name" : "37374",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37374"
"name": "RHSA-2007:0605",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0605.html"
},
{
"name" : "1018297",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018297"
"name": "25859",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25859"
},
{
"name" : "1018299",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018299"
"name": "37374",
"refsource": "OSVDB",
"url": "http://osvdb.org/37374"
},
{
"name" : "25819",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25819"
"name": "20071030 RealPlayer Updates of October 25, 2007",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2007-October/001841.html"
},
{
"name" : "25859",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25859"
"name": "ADV-2007-3628",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3628"
},
{
"name" : "26463",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26463"
"name": "25819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25819"
},
{
"name" : "26828",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26828"
"name": "1018297",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018297"
},
{
"name" : "27361",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27361"
"name": "27361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27361"
},
{
"name" : "realplayer-smiltime-wallclockvalue-bo(35088)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35088"
"name": "1018299",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018299"
}
]
}

68
2007/3xxx/CVE-2007-3676.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3676",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3676",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698."
"lang": "eng",
"value": "IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080207 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=654"
"name": "1019318",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019318"
},
{
"name" : "1019318",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1019318"
"name": "20080207 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=654"
}
]
}

104
2007/4xxx/CVE-2007-4048.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4048",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4048",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070725 PHPSysInfo Index.php Cross Site Scripting",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474756/100/0/threaded"
"name": "20070725 PHPSysInfo Index.php Cross Site Scripting",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474756/100/0/threaded"
},
{
"name" : "http://download.phpgroupware.org/",
"refsource" : "CONFIRM",
"url" : "http://download.phpgroupware.org/"
"name": "http://sourceforge.net/project/shownotes.php?release_id=532143",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=532143"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=532143",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=532143"
"name": "http://download.phpgroupware.org/",
"refsource": "CONFIRM",
"url": "http://download.phpgroupware.org/"
},
{
"name" : "25090",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25090"
"name": "25090",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25090"
},
{
"name" : "36601",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36601"
"name": "26473",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26473"
},
{
"name" : "26248",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26248"
"name": "26248",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26248"
},
{
"name" : "26473",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26473"
"name": "2952",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2952"
},
{
"name" : "2952",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2952"
"name": "36601",
"refsource": "OSVDB",
"url": "http://osvdb.org/36601"
}
]
}

68
2007/4xxx/CVE-2007-4256.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4256",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4256",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter."
"lang": "eng",
"value": "Directory traversal vulnerability in showpage.cgi in YNP Portal System 2.2.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4261",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4261"
"name": "4261",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4261"
},
{
"name" : "39198",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/39198"
"name": "39198",
"refsource": "OSVDB",
"url": "http://osvdb.org/39198"
}
]
}

74
2007/4xxx/CVE-2007-4340.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4340",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4340",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvd_config_file parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in phpDVD 1.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the dvd_config_file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070811 phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/476141/100/0/threaded"
"name": "20070811 phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476141/100/0/threaded"
},
{
"name" : "3007",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3007"
"name": "phpdvd-index-file-include(35964)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35964"
},
{
"name" : "phpdvd-index-file-include(35964)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35964"
"name": "3007",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3007"
}
]
}

74
2007/4xxx/CVE-2007-4416.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4416",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4416",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** DISPUTED ** captcha.php in BellaBook (aka BellaBuffs) allows remote attackers to obtain administrative privileges by sending the admin's username (admin_name) in a pheap_login cookie. NOTE: the vendor disputes this vulnerability because authentication data is derived from the admin_pass and secret variables, in addition to the admin_name; and because the exploit code is designed for an unrelated application."
"lang": "eng",
"value": "** DISPUTED ** captcha.php in BellaBook (aka BellaBuffs) allows remote attackers to obtain administrative privileges by sending the admin's username (admin_name) in a pheap_login cookie. NOTE: the vendor disputes this vulnerability because authentication data is derived from the admin_pass and secret variables, in addition to the admin_name; and because the exploit code is designed for an unrelated application."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070731 BellaBook Admin Bypass/Remote Code Execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/475153/100/200/threaded"
"name": "42506",
"refsource": "OSVDB",
"url": "http://osvdb.org/42506"
},
{
"name" : "20070801 Re: BellaBook Admin Bypass/Remote Code Execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/475259/100/200/threaded"
"name": "20070731 BellaBook Admin Bypass/Remote Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475153/100/200/threaded"
},
{
"name" : "42506",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/42506"
"name": "20070801 Re: BellaBook Admin Bypass/Remote Code Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475259/100/200/threaded"
}
]
}

92
2007/4xxx/CVE-2007-4452.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4452",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4452",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (disconnection) via a long (1) emote or (2) SPEC command."
"lang": "eng",
"value": "The client in Toribash 2.71 and earlier allows remote attackers to cause a denial of service (disconnection) via a long (1) emote or (2) SPEC command."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070818 Multiple vulnerabilities in Toribash 2.71",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/477025/100/0/threaded"
"name": "toribash-emote-spec-dos(36100)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36100"
},
{
"name" : "http://aluigi.org/poc/toribashish.zip",
"refsource" : "MISC",
"url" : "http://aluigi.org/poc/toribashish.zip"
"name": "20070818 Multiple vulnerabilities in Toribash 2.71",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477025/100/0/threaded"
},
{
"name" : "25359",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25359"
"name": "http://aluigi.org/poc/toribashish.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/toribashish.zip"
},
{
"name" : "26507",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26507"
"name": "25359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25359"
},
{
"name" : "3033",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3033"
"name": "26507",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26507"
},
{
"name" : "toribash-emote-spec-dos(36100)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36100"
"name": "3033",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3033"
}
]
}

74
2014/5xxx/CVE-2014-5777.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5777",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5777",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application 2.8.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The icon wallpaper dressup-CocoPPa (aka jp.united.app.cocoppa) application 2.8.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#437913",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/437913"
},
{
"name" : "VU#437913",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/437913"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

86
2015/2xxx/CVE-2015-2177.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2177",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2177",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus."
"lang": "eng",
"value": "Siemens SIMATIC S7-300 CPU devices allow remote attackers to cause a denial of service (defect-mode transition) via crafted packets on (1) TCP port 102 or (2) Profibus."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "44802",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44802/"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-064-04"
"name": "1032040",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032040"
},
{
"name" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf",
"refsource" : "CONFIRM",
"url" : "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf"
"name": "44802",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44802/"
},
{
"name" : "72973",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72973"
"name": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf",
"refsource": "CONFIRM",
"url": "http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-987029.pdf"
},
{
"name" : "1032040",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032040"
"name": "72973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72973"
}
]
}

68
2015/2xxx/CVE-2015-2480.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2480",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2480",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka \"RyuJIT Optimization Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2479 and CVE-2015-2481."
"lang": "eng",
"value": "The RyuJIT compiler in Microsoft .NET Framework 4.6 produces incorrect code during an attempt at optimization, which allows remote attackers to execute arbitrary code via a crafted .NET application, aka \"RyuJIT Optimization Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2479 and CVE-2015-2481."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS15-092",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-092"
"name": "MS15-092",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-092"
},
{
"name" : "1033253",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033253"
"name": "1033253",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033253"
}
]
}

80
2015/2xxx/CVE-2015-2498.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2498",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2498",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2499."
"lang": "eng",
"value": "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2486, CVE-2015-2487, CVE-2015-2490, CVE-2015-2492, CVE-2015-2494, and CVE-2015-2499."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-424",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-424"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-424",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-424"
},
{
"name" : "MS15-094",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
"name": "76579",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76579"
},
{
"name" : "76579",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/76579"
"name": "MS15-094",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
},
{
"name" : "1033487",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033487"
"name": "1033487",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033487"
}
]
}

98
2015/2xxx/CVE-2015-2682.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2682",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2682",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml."
"lang": "eng",
"value": "Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "36441",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/36441/"
"name": "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html",
"refsource": "MISC",
"url": "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html"
},
{
"name" : "20150319 Citrix Command Center allows downloading of configuration files",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/126"
"name": "20150319 Citrix Command Center allows downloading of configuration files",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Mar/126"
},
{
"name" : "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html"
"name": "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130928/Citrix-Command-Center-Configuration-Disclosure.html"
},
{
"name" : "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html",
"refsource" : "MISC",
"url" : "https://www.securify.nl/advisory/SFY20140802/citrix_command_center_allows_downloading_of_configuration_files.html"
"name": "36441",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36441/"
},
{
"name" : "http://support.citrix.com/article/CTX200584",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX200584"
"name": "http://support.citrix.com/article/CTX200584",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX200584"
},
{
"name" : "73309",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73309"
"name": "1031993",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031993"
},
{
"name" : "1031993",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031993"
"name": "73309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73309"
}
]
}

74
2015/2xxx/CVE-2015-2902.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2902",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-2902",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932",
"refsource" : "CONFIRM",
"url" : "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932"
"name": "VU#350508",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/350508"
},
{
"name" : "VU#350508",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/350508"
"name": "1034078",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034078"
},
{
"name" : "1034078",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034078"
"name": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04850932"
}
]
}

86
2015/3xxx/CVE-2015-3392.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3392",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3392",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20150205 CVE requests for Drupal contributed modules",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/02/05/16"
"name": "https://www.drupal.org/node/2419971",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2419971"
},
{
"name" : "https://www.drupal.org/node/2420099",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2420099"
"name": "[oss-security] 20150205 CVE requests for Drupal contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/05/16"
},
{
"name" : "https://www.drupal.org/node/2419971",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2419971"
"name": "https://www.drupal.org/node/2420099",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2420099"
},
{
"name" : "72567",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72567"
"name": "ajaxtimeline-drupal-timeline-xss(100654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100654"
},
{
"name" : "ajaxtimeline-drupal-timeline-xss(100654)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100654"
"name": "72567",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72567"
}
]
}

110
2015/6xxx/CVE-2015-6249.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6249",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6249",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
"lang": "eng",
"value": "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-29.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-29.html"
"name": "http://www.wireshark.org/security/wnpa-sec-2015-29.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-29.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358"
"name": "FEDORA-2015-13945",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228"
"name": "1033272",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033272"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358"
},
{
"name" : "DSA-3367",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3367"
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b1eaf29d4056f05d1bd6a7f3d692553ec069a228"
},
{
"name" : "FEDORA-2015-13945",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html"
"name": "FEDORA-2015-13946",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html"
},
{
"name" : "FEDORA-2015-13946",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html"
"name": "DSA-3367",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3367"
},
{
"name" : "openSUSE-SU-2015:1836",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html"
"name": "openSUSE-SU-2015:1836",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html"
},
{
"name" : "1033272",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033272"
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}

116
2015/7xxx/CVE-2015-7040.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7040",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-7040",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043."
"lang": "eng",
"value": "The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to cause a denial of service via a crafted app, a different vulnerability than CVE-2015-7041, CVE-2015-7042, and CVE-2015-7043."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT205635",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205635"
"name": "https://support.apple.com/HT205635",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205635"
},
{
"name" : "https://support.apple.com/HT205637",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205637"
"name": "https://support.apple.com/HT205637",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205637"
},
{
"name" : "https://support.apple.com/HT205640",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205640"
"name": "1034344",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034344"
},
{
"name" : "https://support.apple.com/HT205641",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205641"
"name": "APPLE-SA-2015-12-08-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
},
{
"name" : "APPLE-SA-2015-12-08-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
"name": "APPLE-SA-2015-12-08-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
},
{
"name" : "APPLE-SA-2015-12-08-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
"name": "78719",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78719"
},
{
"name" : "APPLE-SA-2015-12-08-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
"name": "APPLE-SA-2015-12-08-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
},
{
"name" : "APPLE-SA-2015-12-08-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html"
"name": "https://support.apple.com/HT205641",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205641"
},
{
"name" : "78719",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78719"
"name": "https://support.apple.com/HT205640",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205640"
},
{
"name" : "1034344",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034344"
"name": "APPLE-SA-2015-12-08-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
}
]
}

22
2015/7xxx/CVE-2015-7694.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7694",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7694",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2016/0xxx/CVE-2016-0087.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0087",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0087",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\""
"lang": "eng",
"value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 do not properly validate handles, which allows local users to gain privileges via a crafted application, aka \"Windows Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-031",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-031"
"name": "84032",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84032"
},
{
"name" : "84032",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84032"
"name": "MS16-031",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-031"
},
{
"name" : "1035209",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035209"
"name": "1035209",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035209"
}
]
}

80
2016/0xxx/CVE-2016-0108.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0108",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0108",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114."
"lang": "eng",
"value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0109, and CVE-2016-0114."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "39562",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39562/"
"name": "84016",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84016"
},
{
"name" : "MS16-023",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023"
"name": "1035203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035203"
},
{
"name" : "84016",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84016"
"name": "MS16-023",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023"
},
{
"name" : "1035203",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035203"
"name": "39562",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39562/"
}
]
}

74
2016/0xxx/CVE-2016-0375.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0375",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0375",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary commands via unspecified vectors."
"lang": "eng",
"value": "JMS Client in IBM MessageSight 1.1.x through 1.1.0.1, 1.2.x through 1.2.0.3, and 2.0.x through 2.0.0.0 allows remote authenticated users to obtain administrator privileges for executing arbitrary commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985064",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985064"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985064",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985064"
},
{
"name" : "IT15674",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15674"
"name": "IT15743",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15743"
},
{
"name" : "IT15743",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15743"
"name": "IT15674",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT15674"
}
]
}

62
2016/0xxx/CVE-2016-0852.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0852",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-0852",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors."
"lang": "eng",
"value": "Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-014-01"
}
]
}

70
2016/10xxx/CVE-2016-10292.json
View File

@ -1,69 +1,69 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-10292",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-10292",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.10"
"version_value": "Kernel-3.10"
},
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34514463. References: QC-CR#1065466."
"lang": "eng",
"value": "A denial of service vulnerability in the Qualcomm Wi-Fi driver could enable a proximate attacker to cause a denial of service in the Wi-Fi subsystem. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34514463. References: QC-CR#1065466."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of service"
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-05-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-05-01"
"name": "98204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98204"
},
{
"name" : "98204",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98204"
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
]
}

70
2016/10xxx/CVE-2016-10548.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2016-10548",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2016-10548",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "reduce-css-calc node module",
"version" : {
"version_data" : [
"product_name": "reduce-css-calc node module",
"version": {
"version_data": [
{
"version_value" : "<=1.2.4"
"version_value": "<=1.2.4"
}
]
}
}
]
},
"vendor_name" : "HackerOne"
"vendor_name": "HackerOne"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possible on the client and arbitrary code injection possible on the server and user input is passed to the `calc` function."
"lang": "eng",
"value": "Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possible on the client and arbitrary code injection possible on the server and user input is passed to the `calc` function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Code Injection (CWE-94)"
"lang": "eng",
"value": "Code Injection (CWE-94)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9",
"refsource" : "MISC",
"url" : "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9"
"name": "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9",
"refsource": "MISC",
"url": "https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9"
},
{
"name" : "https://nodesecurity.io/advisories/144",
"refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/144"
"name": "https://nodesecurity.io/advisories/144",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/144"
}
]
}

74
2016/4xxx/CVE-2016-4191.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4191",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4191",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
"name": "91716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91716"
},
{
"name" : "91716",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91716"
"name": "1036281",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036281"
},
{
"name" : "1036281",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036281"
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html"
}
]
}

80
2016/4xxx/CVE-2016-4600.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4600",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4600",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602."
"lang": "eng",
"value": "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix bitmap image, a different vulnerability than CVE-2016-4596, CVE-2016-4597, and CVE-2016-4602."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT206903",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206903"
"name": "91824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"name" : "APPLE-SA-2016-07-18-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
"name": "APPLE-SA-2016-07-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name" : "91824",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91824"
"name": "1036348",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036348"
},
{
"name" : "1036348",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036348"
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206903"
}
]
}

80
2016/4xxx/CVE-2016-4900.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4900",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4900",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Evernote for Windows",
"version" : {
"version_data" : [
"product_name": "Evernote for Windows",
"version": {
"version_data": [
{
"version_value" : "versions prior to 6.3"
"version_value": "versions prior to 6.3"
}
]
}
}
]
},
"vendor_name" : "Evernote"
"vendor_name": "Evernote"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory."
"lang": "eng",
"value": "Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability"
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://evernote.com/security/updates/#win",
"refsource" : "CONFIRM",
"url" : "https://evernote.com/security/updates/#win"
"name": "JVN#03251132",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN03251132/index.html"
},
{
"name" : "JVN#03251132",
"refsource" : "JVN",
"url" : "https://jvn.jp/en/jp/JVN03251132/index.html"
"name": "JVNDB-2016-000206",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000206"
},
{
"name" : "JVNDB-2016-000206",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000206"
"name": "93572",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93572"
},
{
"name" : "93572",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93572"
"name": "https://evernote.com/security/updates/#win",
"refsource": "CONFIRM",
"url": "https://evernote.com/security/updates/#win"
}
]
}

22
2019/0xxx/CVE-2019-0188.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0188",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0188",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3158.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3158",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3158",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3700.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3700",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3700",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4726.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4726",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4726",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4755.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4755",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4755",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4794.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4794",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4794",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4876.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4876",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4876",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6536.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6536",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6536",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7083.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7083",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7083",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7480.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7480",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7480",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7633.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7633",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7633",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7839.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7839",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7839",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/7xxx/CVE-2019-7972.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7972",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7972",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8065.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8065",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8065",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8165.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8165",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8165",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8342.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8342",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8342",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8452.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8452",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8452",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9053.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9053",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9053",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/9xxx/CVE-2019-9558.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9558",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9558",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting (XSS) via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe."
"lang": "eng",
"value": "Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripting (XSS) via the body of an e-mail message. To exploit the vulnerability, the victim must open an email with malicious Javascript inserted into the body of the email as an iframe."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html"
"name": "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "https://packetstormsecurity.com/files/151957/Mailtraq-WebMail-2.17.7.3550-Cross-Site-Scripting.html"
}
]
}

62
2019/9xxx/CVE-2019-9761.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9761",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9761",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An XXE issue was discovered in PHPSHE 1.7, which can be used to read any file in the system or scan the internal network without authentication. This occurs because of the call to wechat_getxml in include/plugin/payment/wechat/notify_url.php."
"lang": "eng",
"value": "An XXE issue was discovered in PHPSHE 1.7, which can be used to read any file in the system or scan the internal network without authentication. This occurs because of the call to wechat_getxml in include/plugin/payment/wechat/notify_url.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://gitee.com/koyshe/phpshe/issues/ITC0C",
"refsource" : "MISC",
"url" : "https://gitee.com/koyshe/phpshe/issues/ITC0C"
"name": "https://gitee.com/koyshe/phpshe/issues/ITC0C",
"refsource": "MISC",
"url": "https://gitee.com/koyshe/phpshe/issues/ITC0C"
}
]
}

22
2019/9xxx/CVE-2019-9808.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9808",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9808",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9840.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9840",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9840",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}