admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:35:41 +00:00
parent 84d67dfefd
commit 57dcf80038
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 4162 additions and 4162 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/0xxx/CVE-1999-0676.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0676",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19990808 sdtcm_convert",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=19990809134220.A1191@hades.chaoz.org"
},
{
"name" : "575",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/575"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "575",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/575"
},
{
"name": "19990808 sdtcm_convert",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=19990809134220.A1191@hades.chaoz.org"
}
]
}
}

120
1999/0xxx/CVE-1999-0781.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0781",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0781",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19981118 Multiple KDE security vulnerabilities (root compromise)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=91141486301691&w=2"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981118 Multiple KDE security vulnerabilities (root compromise)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=91141486301691&w=2"
}
]
}
}

130
1999/1xxx/CVE-1999-1394.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1394",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19990702 BSD-fileflags",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=93094058620450&w=2"
},
{
"name" : "510",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/510"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BSD 4.4 based operating systems, when running at security level 1, allow the root user to clear the immutable and append-only flags for files by unmounting the file system and using a file system editor such as fsdb to directly modify the file through a device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990702 BSD-fileflags",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93094058620450&w=2"
},
{
"name": "510",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/510"
}
]
}
}

190
1999/1xxx/CVE-1999-1529.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1529",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1529",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19991107 Interscan VirusWall NT 3.23/3.3 buffer overflow",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=94201512111092&w=2"
},
{
"name" : "19991107 Interscan VirusWall NT 3.23/3.3 buffer overflow.",
"refsource" : "NTBUGTRAQ",
"url" : "http://marc.info/?l=ntbugtraq&m=94199707625818&w=2"
},
{
"name" : "19991108 Re: Interscan VirusWall NT 3.23/3.3 buffer overflow.",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=94210427406568&w=2"
},
{
"name" : "19991108 Patch for VirusWall 3.23.",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=94204166130782&w=2"
},
{
"name" : "19991108 Patch for VirusWall 3.23.",
"refsource" : "NTBUGTRAQ",
"url" : "http://marc.info/?l=ntbugtraq&m=94208143007829&w=2"
},
{
"name" : "20000417 New DOS on Interscan NT/3.32",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/55551"
},
{
"name" : "787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/787"
},
{
"name" : "viruswall-helo-bo(3465)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3465"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/787"
},
{
"name": "19991108 Patch for VirusWall 3.23.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94204166130782&w=2"
},
{
"name": "19991107 Interscan VirusWall NT 3.23/3.3 buffer overflow.",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=94199707625818&w=2"
},
{
"name": "19991107 Interscan VirusWall NT 3.23/3.3 buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94201512111092&w=2"
},
{
"name": "19991108 Patch for VirusWall 3.23.",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=94208143007829&w=2"
},
{
"name": "20000417 New DOS on Interscan NT/3.32",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/55551"
},
{
"name": "19991108 Re: Interscan VirusWall NT 3.23/3.3 buffer overflow.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94210427406568&w=2"
},
{
"name": "viruswall-helo-bo(3465)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3465"
}
]
}
}

120
1999/1xxx/CVE-1999-1561.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1561",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19990820 Winamp SHOUTcast server: Gain Administrator Password",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/24852"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990820 Winamp SHOUTcast server: Gain Administrator Password",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/24852"
}
]
}
}

130
2000/0xxx/CVE-2000-0090.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0090",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0090",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "943",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/943"
},
{
"name" : "1205",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/1205"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1205",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1205"
},
{
"name": "943",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/943"
}
]
}
}

130
2000/0xxx/CVE-2000-0211.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0211",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the \"Misordered Windows Media Services Handshake\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS00-013",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-013"
},
{
"name" : "1000",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1000"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Windows Media server allows remote attackers to cause a denial of service via a series of client handshake packets that are sent in an improper sequence, aka the \"Misordered Windows Media Services Handshake\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS00-013",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-013"
},
{
"name": "1000",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1000"
}
]
}
}

130
2000/0xxx/CVE-2000-0281.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0281",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000326 neat little napster bug",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0277.html"
},
{
"name" : "20000330 Napster, Inc. response to Colten Edwards",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0299.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000326 neat little napster bug",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0277.html"
},
{
"name": "20000330 Napster, Inc. response to Colten Edwards",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0299.html"
}
]
}
}

120
2000/0xxx/CVE-2000-0348.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0348",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "SB-99.10",
"refsource" : "SCO",
"url" : "ftp://ftp.sco.com/SSE/security_bulletins/SB-99.10a"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SB-99.10",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/SSE/security_bulletins/SB-99.10a"
}
]
}
}

130
2000/0xxx/CVE-2000-0432.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0432",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000516 Vuln in calender.pl (Matt Kruse calender script)",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0173.html"
},
{
"name" : "1215",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1215"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000516 Vuln in calender.pl (Matt Kruse calender script)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0173.html"
},
{
"name": "1215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1215"
}
]
}
}

130
2000/0xxx/CVE-2000-0592.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0592",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000627 [SPSadvisory #37]WinProxy 2.0.0/2.0.1 DoS and Exploitable Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006271417.GFE84146.-BJXON@lac.co.jp"
},
{
"name" : "1400",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1400"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1400"
},
{
"name": "20000627 [SPSadvisory #37]WinProxy 2.0.0/2.0.1 DoS and Exploitable Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200006271417.GFE84146.-BJXON@lac.co.jp"
}
]
}
}

150
2000/0xxx/CVE-2000-0851.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0851",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the \"Still Image Service Privilege Escalation\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0851",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "A090700-1",
"refsource" : "ATSTAKE",
"url" : "http://www.atstake.com/research/advisories/2000/a090700-1.txt"
},
{
"name" : "MS00-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-065"
},
{
"name" : "1651",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1651"
},
{
"name" : "w2k-still-image-service(5203)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5203"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the \"Still Image Service Privilege Escalation\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "w2k-still-image-service(5203)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5203"
},
{
"name": "MS00-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-065"
},
{
"name": "1651",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1651"
},
{
"name": "A090700-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2000/a090700-1.txt"
}
]
}
}

150
2000/0xxx/CVE-2000-0973.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0973",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "RHBA-2000:092-01",
"refsource" : "REDHAT",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html"
},
{
"name" : "FreeBSD-SA-00:72",
"refsource" : "FREEBSD",
"url" : "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc"
},
{
"name" : "1804",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1804"
},
{
"name" : "curl-error-bo(5374)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5374"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:72",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc"
},
{
"name": "1804",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1804"
},
{
"name": "curl-error-bo(5374)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5374"
},
{
"name": "RHBA-2000:092-01",
"refsource": "REDHAT",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html"
}
]
}
}

200
2000/1xxx/CVE-2000-1220.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-1220",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000108 L0pht Advisory: LPD, RH 4.x,5.x,6.x",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/lists/bugtraq/2000/Jan/0116.html"
},
{
"name" : "20000108 Quadruple Inverted Backflip",
"refsource" : "L0PHT",
"url" : "http://www.l0pht.com/advisories/lpd_advisory"
},
{
"name" : "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt",
"refsource" : "MISC",
"url" : "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt"
},
{
"name" : "20000109 lpr -- access control problem and root exploit",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2000/20000109"
},
{
"name" : "RHSA-2000:002",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2000-002.html"
},
{
"name" : "20021104-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P"
},
{
"name" : "VU#39001",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/39001"
},
{
"name" : "927",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/927"
},
{
"name" : "redhat-lpd-print-control(3841)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3841"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000109 lpr -- access control problem and root exploit",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20000109"
},
{
"name": "20000108 L0pht Advisory: LPD, RH 4.x,5.x,6.x",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2000/Jan/0116.html"
},
{
"name": "927",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/927"
},
{
"name": "redhat-lpd-print-control(3841)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3841"
},
{
"name": "20021104-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P"
},
{
"name": "20000108 Quadruple Inverted Backflip",
"refsource": "L0PHT",
"url": "http://www.l0pht.com/advisories/lpd_advisory"
},
{
"name": "VU#39001",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/39001"
},
{
"name": "RHSA-2000:002",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-002.html"
},
{
"name": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt",
"refsource": "MISC",
"url": "http://www.atstake.com/research/advisories/2000/lpd_advisory.txt"
}
]
}
}

150
2005/2xxx/CVE-2005-2186.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2186",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName or (2) resourceName parameter to SystemEvent.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2186",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050706 McAfee Intrushield IPS Abuse",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112066594312876&w=2"
},
{
"name" : "20050706 Re: Re: McAfee Intrushield IPS Abuse",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112076813804503&w=2"
},
{
"name" : "1014422",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1014422"
},
{
"name" : "15961",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/15961"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName or (2) resourceName parameter to SystemEvent.jsp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050706 Re: Re: McAfee Intrushield IPS Abuse",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112076813804503&w=2"
},
{
"name": "1014422",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014422"
},
{
"name": "15961",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15961"
},
{
"name": "20050706 McAfee Intrushield IPS Abuse",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112066594312876&w=2"
}
]
}
}

34
2005/2xxx/CVE-2005-2355.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2355",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2335, CVE-2005-2356. Reason: due to a typo in an advisory, this candidate was accidentally referenced. Notes: All CVE users should consult CVE-2005-2335 and CVE-2005-2356 to determine the appropriate identifier for the issue."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2005-2355",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2335, CVE-2005-2356. Reason: due to a typo in an advisory, this candidate was accidentally referenced. Notes: All CVE users should consult CVE-2005-2335 and CVE-2005-2356 to determine the appropriate identifier for the issue."
}
]
}
}

210
2005/2xxx/CVE-2005-2365.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2365",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-2365",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00020.html",
"refsource" : "CONFIRM",
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00020.html"
},
{
"name" : "DSA-853",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-853"
},
{
"name" : "FLSA-2006:152922",
"refsource" : "FEDORA",
"url" : "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
},
{
"name" : "GLSA-200507-27",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200507-27.xml"
},
{
"name" : "RHSA-2005:687",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-687.html"
},
{
"name" : "SUSE-SR:2005:019",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name" : "14399",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14399"
},
{
"name" : "oval:org.mitre.oval:def:9118",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9118"
},
{
"name" : "16225",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16225/"
},
{
"name" : "17102",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17102"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the SMB dissector in Ethereal 0.9.0 through 0.10.11 allows remote attackers to cause a buffer overflow or a denial of service (memory consumption) via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ethereal.com/appnotes/enpa-sa-00020.html",
"refsource": "CONFIRM",
"url": "http://www.ethereal.com/appnotes/enpa-sa-00020.html"
},
{
"name": "GLSA-200507-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200507-27.xml"
},
{
"name": "SUSE-SR:2005:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html"
},
{
"name": "RHSA-2005:687",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-687.html"
},
{
"name": "oval:org.mitre.oval:def:9118",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9118"
},
{
"name": "DSA-853",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-853"
},
{
"name": "16225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16225/"
},
{
"name": "FLSA-2006:152922",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html"
},
{
"name": "14399",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14399"
},
{
"name": "17102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17102"
}
]
}
}

160
2007/1xxx/CVE-2007-1909.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1909",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3691",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3691"
},
{
"name" : "23383",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23383"
},
{
"name" : "ADV-2007-1313",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1313"
},
{
"name" : "34747",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34747"
},
{
"name" : "24838",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24838"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24838"
},
{
"name": "ADV-2007-1313",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1313"
},
{
"name": "34747",
"refsource": "OSVDB",
"url": "http://osvdb.org/34747"
},
{
"name": "3691",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3691"
},
{
"name": "23383",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23383"
}
]
}
}

150
2007/1xxx/CVE-2007-1978.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1978",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in the Arcade 1.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view_game_list action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3640",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3640"
},
{
"name" : "ADV-2007-1205",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1205"
},
{
"name" : "37410",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37410"
},
{
"name" : "phpfusion-arcade-index-sql-injection(33361)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33361"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in the Arcade 1.00 module for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the cid parameter in a view_game_list action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1205",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1205"
},
{
"name": "phpfusion-arcade-index-sql-injection(33361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33361"
},
{
"name": "37410",
"refsource": "OSVDB",
"url": "http://osvdb.org/37410"
},
{
"name": "3640",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3640"
}
]
}
}

130
2007/1xxx/CVE-2007-1990.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1990",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the id parameter, a different vector than CVE-2007-1968. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "ADV-2007-1302",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1302"
},
{
"name" : "37432",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37432"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in games.php in Sam Crew MyBlog, possibly 1.0 through 1.6, allows remote attackers to execute arbitrary PHP code via a URL in the id parameter, a different vector than CVE-2007-1968. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37432",
"refsource": "OSVDB",
"url": "http://osvdb.org/37432"
},
{
"name": "ADV-2007-1302",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1302"
}
]
}
}

330
2007/5xxx/CVE-2007-5237.json
View File

@ -1,167 +1,167 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5237",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka \"two vulnerabilities.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name" : "BEA08-198.00",
"refsource" : "BEA",
"url" : "http://dev2dev.bea.com/pub/advisory/272"
},
{
"name" : "GLSA-200804-20",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name" : "GLSA-200804-28",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name" : "GLSA-200806-11",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
},
{
"name" : "HPSBUX02284",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533"
},
{
"name" : "SSRT071483",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533"
},
{
"name" : "103073",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1"
},
{
"name" : "SUSE-SA:2007:055",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_55_java.html"
},
{
"name" : "25920",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25920"
},
{
"name" : "oval:org.mitre.oval:def:5899",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5899"
},
{
"name" : "ADV-2007-3895",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3895"
},
{
"name" : "ADV-2008-0609",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0609"
},
{
"name" : "ADV-2008-1856",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name" : "1018770",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018770"
},
{
"name" : "27261",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27261"
},
{
"name" : "27693",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27693"
},
{
"name" : "29042",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29042"
},
{
"name" : "29858",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29858"
},
{
"name" : "30676",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30676"
},
{
"name" : "30780",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30780"
},
{
"name" : "javaweb-cache-information-disclosure(36946)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36946"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka \"two vulnerabilities.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-3895",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3895"
},
{
"name": "30676",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30676"
},
{
"name": "29042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29042"
},
{
"name": "oval:org.mitre.oval:def:5899",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5899"
},
{
"name": "27693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27693"
},
{
"name": "SUSE-SA:2007:055",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_55_java.html"
},
{
"name": "javaweb-cache-information-disclosure(36946)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36946"
},
{
"name": "GLSA-200804-28",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200804-28.xml"
},
{
"name": "HPSBUX02284",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533"
},
{
"name": "29858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29858"
},
{
"name": "ADV-2008-0609",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0609"
},
{
"name": "27261",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27261"
},
{
"name": "SSRT071483",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533"
},
{
"name": "BEA08-198.00",
"refsource": "BEA",
"url": "http://dev2dev.bea.com/pub/advisory/272"
},
{
"name": "30780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30780"
},
{
"name": "25920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25920"
},
{
"name": "ADV-2008-1856",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1856/references"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html"
},
{
"name": "103073",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103073-1"
},
{
"name": "1018770",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018770"
},
{
"name": "GLSA-200804-20",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml"
},
{
"name": "GLSA-200806-11",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml"
}
]
}
}

130
2007/5xxx/CVE-2007-5696.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5696",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071023 [Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482680/100/0/threaded"
},
{
"name" : "3305",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3305"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071023 [Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482680/100/0/threaded"
},
{
"name": "3305",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3305"
}
]
}
}

150
2007/5xxx/CVE-2007-5841.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5841",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4606",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4606"
},
{
"name" : "26322",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26322"
},
{
"name" : "ADV-2007-3753",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3753"
},
{
"name" : "nuboard-index-file-include(38253)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38253"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in admin/index.php in nuBoard 0.5 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "nuboard-index-file-include(38253)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38253"
},
{
"name": "26322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26322"
},
{
"name": "ADV-2007-3753",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3753"
},
{
"name": "4606",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4606"
}
]
}
}

34
2009/2xxx/CVE-2009-2418.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2418",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2009-2418",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}
}

210
2009/2xxx/CVE-2009-2722.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2722",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594. NOTE: this issue exists because of an incorrect fix for BugId 6406003."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2722",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name" : "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
"refsource" : "CONFIRM",
"url" : "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1",
"refsource" : "CONFIRM",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
},
{
"name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name" : "APPLE-SA-2009-09-03-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
},
{
"name" : "GLSA-200911-02",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name" : "37386",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37386"
},
{
"name" : "37460",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/37460"
},
{
"name" : "ADV-2009-2543",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2543"
},
{
"name" : "ADV-2009-3316",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/3316"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594. NOTE: this issue exists because of an incorrect fix for BugId 6406003."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-2543",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2543"
},
{
"name": "37460",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37460"
},
{
"name": "GLSA-200911-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200911-02.xml"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
},
{
"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-118667-22-1"
},
{
"name": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html",
"refsource": "CONFIRM",
"url": "http://java.sun.com/j2se/1.5.0/ReleaseNotes.html"
},
{
"name": "APPLE-SA-2009-09-03-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
},
{
"name": "37386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37386"
},
{
"name": "ADV-2009-3316",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3316"
}
]
}
}

140
2009/2xxx/CVE-2009-2790.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2790",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.org/0907-exploits/softbizdating-sql.txt",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.org/0907-exploits/softbizdating-sql.txt"
},
{
"name" : "35896",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35896"
},
{
"name" : "datingscript-catproducts-sql-injection(52158)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52158"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in cat_products.php in SoftBiz Dating Script allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: this might overlap CVE-2006-3271.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "datingscript-catproducts-sql-injection(52158)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52158"
},
{
"name": "http://packetstormsecurity.org/0907-exploits/softbizdating-sql.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0907-exploits/softbizdating-sql.txt"
},
{
"name": "35896",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35896"
}
]
}
}

130
2015/0xxx/CVE-2015-0530.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0530",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2015-0530",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150415 ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2015/Apr/103"
},
{
"name" : "1032147",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032147"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150415 ESA-2015-069: EMC NetWorker Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Apr/103"
},
{
"name": "1032147",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032147"
}
]
}
}

130
2015/0xxx/CVE-2015-0550.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0550",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P01 allows remote attackers to bypass intended Content Server access restrictions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2015-0550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150623 ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2015/Jun/114"
},
{
"name" : "1032694",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032694"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, and 7.2 before P01 allows remote attackers to bypass intended Content Server access restrictions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032694",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032694"
},
{
"name": "20150623 ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2015/Jun/114"
}
]
}
}

150
2015/3xxx/CVE-2015-3066.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3066",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-200",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-200"
},
{
"name" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"name" : "74604",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74604"
},
{
"name" : "1032284",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032284"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3061, CVE-2015-3062, CVE-2015-3063, CVE-2015-3064, CVE-2015-3065, CVE-2015-3067, CVE-2015-3068, CVE-2015-3069, CVE-2015-3071, CVE-2015-3072, CVE-2015-3073, and CVE-2015-3074."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74604"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-200",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-200"
},
{
"name": "https://helpx.adobe.com/security/products/reader/apsb15-10.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html"
},
{
"name": "1032284",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032284"
}
]
}
}

190
2015/3xxx/CVE-2015-3256.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3256",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to \"javascript rule evaluation.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[polkit-devel] 20150702 polkit-0.113 released",
"refsource" : "MLIST",
"url" : "http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1245684",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1245684"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name" : "RHSA-2016:0189",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0189.html"
},
{
"name" : "openSUSE-SU-2015:1734",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html"
},
{
"name" : "openSUSE-SU-2015:1927",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html"
},
{
"name" : "77356",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77356"
},
{
"name" : "1035023",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035023"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (memory corruption and polkitd daemon crash) and possibly gain privileges via unspecified vectors, related to \"javascript rule evaluation.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1245684",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245684"
},
{
"name": "RHSA-2016:0189",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0189.html"
},
{
"name": "77356",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77356"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "openSUSE-SU-2015:1927",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html"
},
{
"name": "[polkit-devel] 20150702 polkit-0.113 released",
"refsource": "MLIST",
"url": "http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html"
},
{
"name": "openSUSE-SU-2015:1734",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html"
},
{
"name": "1035023",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035023"
}
]
}
}

270
2015/4xxx/CVE-2015-4104.json
View File

@ -1,137 +1,137 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4104",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://xenbits.xen.org/xsa/advisory-129.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-129.html"
},
{
"name" : "http://support.citrix.com/article/CTX201145",
"refsource" : "CONFIRM",
"url" : "http://support.citrix.com/article/CTX201145"
},
{
"name" : "https://support.citrix.com/article/CTX206006",
"refsource" : "CONFIRM",
"url" : "https://support.citrix.com/article/CTX206006"
},
{
"name" : "DSA-3286",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3286"
},
{
"name" : "DSA-3284",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3284"
},
{
"name" : "FEDORA-2015-9965",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html"
},
{
"name" : "FEDORA-2015-9456",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html"
},
{
"name" : "FEDORA-2015-9466",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html"
},
{
"name" : "GLSA-201604-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-03"
},
{
"name" : "SUSE-SU-2015:1042",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"name" : "SUSE-SU-2015:1045",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"name" : "SUSE-SU-2015:1156",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"name" : "SUSE-SU-2015:1157",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"name" : "USN-2630-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2630-1"
},
{
"name" : "74950",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74950"
},
{
"name" : "1032464",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032464"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-2630-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2630-1"
},
{
"name": "https://support.citrix.com/article/CTX206006",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX206006"
},
{
"name": "DSA-3286",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3286"
},
{
"name": "SUSE-SU-2015:1156",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html"
},
{
"name": "1032464",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032464"
},
{
"name": "FEDORA-2015-9466",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html"
},
{
"name": "DSA-3284",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3284"
},
{
"name": "SUSE-SU-2015:1157",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html"
},
{
"name": "http://support.citrix.com/article/CTX201145",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX201145"
},
{
"name": "SUSE-SU-2015:1045",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html"
},
{
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "74950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74950"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-129.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-129.html"
},
{
"name": "FEDORA-2015-9456",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160171.html"
},
{
"name": "SUSE-SU-2015:1042",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html"
},
{
"name": "FEDORA-2015-9965",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html"
}
]
}
}

120
2015/4xxx/CVE-2015-4409.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4409",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the SDK issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.hikvision.com/En/Press-Release-details_435_i1023.html",
"refsource" : "CONFIRM",
"url" : "http://www.hikvision.com/En/Press-Release-details_435_i1023.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request, aka the SDK issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hikvision.com/En/Press-Release-details_435_i1023.html",
"refsource": "CONFIRM",
"url": "http://www.hikvision.com/En/Press-Release-details_435_i1023.html"
}
]
}
}

34
2015/4xxx/CVE-2015-4571.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4571",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4571",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2015/4xxx/CVE-2015-4613.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4613",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the backend module in the Developer Log (devlog) extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-011/",
"refsource" : "MISC",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-011/"
},
{
"name" : "http://typo3.org/extensions/repository/view/devlog",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/devlog"
},
{
"name" : "75257",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75257"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the backend module in the Developer Log (devlog) extension before 2.11.4 for TYPO3 allows remote editors to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-011/",
"refsource": "MISC",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-011/"
},
{
"name": "75257",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75257"
},
{
"name": "http://typo3.org/extensions/repository/view/devlog",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/devlog"
}
]
}
}

130
2015/4xxx/CVE-2015-4837.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4837",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "1033881",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033881"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033881",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033881"
}
]
}
}

150
2015/4xxx/CVE-2015-4993.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4993",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-4998."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-4993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970176",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970176"
},
{
"name" : "PI47516",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI47516"
},
{
"name" : "78609",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78609"
},
{
"name" : "1034284",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034284"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF19, and 8.5.0 before CF08 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-4998."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "PI47516",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI47516"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970176",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970176"
},
{
"name": "78609",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78609"
},
{
"name": "1034284",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034284"
}
]
}
}

170
2015/8xxx/CVE-2015-8023.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8023",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-(cve-2015-8023).html",
"refsource" : "CONFIRM",
"url" : "https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-(cve-2015-8023).html"
},
{
"name" : "DSA-3398",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3398"
},
{
"name" : "openSUSE-SU-2015:2103",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00139.html"
},
{
"name" : "SUSE-SU-2015:2183",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00025.html"
},
{
"name" : "USN-2811-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2811-1"
},
{
"name" : "84947",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84947"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:2183",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00025.html"
},
{
"name": "https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-(cve-2015-8023).html",
"refsource": "CONFIRM",
"url": "https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-(cve-2015-8023).html"
},
{
"name": "openSUSE-SU-2015:2103",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00139.html"
},
{
"name": "84947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84947"
},
{
"name": "DSA-3398",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3398"
},
{
"name": "USN-2811-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2811-1"
}
]
}
}

34
2015/8xxx/CVE-2015-8196.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8196",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-8196",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

190
2015/8xxx/CVE-2015-8715.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8715",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8715",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-34.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-34.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11607",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11607"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40caff2d1fb08262c84aaaa8ac584baa8866dd7c",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40caff2d1fb08262c84aaaa8ac584baa8866dd7c"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name" : "DSA-3505",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3505"
},
{
"name" : "GLSA-201604-05",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-05"
},
{
"name" : "79816",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79816"
},
{
"name" : "1034551",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034551"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11607",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11607"
},
{
"name": "DSA-3505",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3505"
},
{
"name": "79816",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79816"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40caff2d1fb08262c84aaaa8ac584baa8866dd7c",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40caff2d1fb08262c84aaaa8ac584baa8866dd7c"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-34.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-34.html"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
}
]
}
}

132
2015/9xxx/CVE-2015-9067.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-07-01T00:00:00",
"ID" : "CVE-2015-9067",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "All Qualcomm products",
"version" : {
"version_data" : [
{
"version_value" : "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Exposure in TrustZone"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-07-01T00:00:00",
"ID": "CVE-2015-9067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-07-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name" : "99467",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99467"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Exposure in TrustZone"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99467"
}
]
}
}

132
2015/9xxx/CVE-2015-9224.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2015-9224",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, Small Cell SoC",
"version" : {
"version_data" : [
{
"version_value" : "FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDX20"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input Validation in QURTK_write() can cause potential buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy with Checking Size in Core"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2015-9224",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, Small Cell SoC",
"version": {
"version_data": [
{
"version_value": "FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDX20"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input Validation in QURTK_write() can cause potential buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Copy with Checking Size in Core"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

220
2016/1xxx/CVE-2016-1653.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1653",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-1653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html"
},
{
"name" : "https://codereview.chromium.org/1740123002",
"refsource" : "CONFIRM",
"url" : "https://codereview.chromium.org/1740123002"
},
{
"name" : "https://crbug.com/589792",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/589792"
},
{
"name" : "DSA-3549",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3549"
},
{
"name" : "GLSA-201605-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201605-02"
},
{
"name" : "RHSA-2016:0638",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0638.html"
},
{
"name" : "SUSE-SU-2016:1060",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html"
},
{
"name" : "openSUSE-SU-2016:1061",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html"
},
{
"name" : "openSUSE-SU-2016:1135",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html"
},
{
"name" : "openSUSE-SU-2016:1136",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html"
},
{
"name" : "USN-2955-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2955-1"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related to compiler/pipeline.cc and compiler/simplified-lowering.cc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:1136",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00050.html"
},
{
"name": "openSUSE-SU-2016:1135",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00049.html"
},
{
"name": "RHSA-2016:0638",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0638.html"
},
{
"name": "https://crbug.com/589792",
"refsource": "CONFIRM",
"url": "https://crbug.com/589792"
},
{
"name": "SUSE-SU-2016:1060",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00040.html"
},
{
"name": "DSA-3549",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3549"
},
{
"name": "openSUSE-SU-2016:1061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00041.html"
},
{
"name": "USN-2955-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2955-1"
},
{
"name": "https://codereview.chromium.org/1740123002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1740123002"
},
{
"name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}

410
2016/1xxx/CVE-2016-1930.json
View File

@ -1,207 +1,207 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1930",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-1930",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-01.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-01.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221385",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1221385"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1223670",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1223670"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1224200",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1224200"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230483",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230483"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230639",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230639"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230668",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230668"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230686",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1230686"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233152",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233152"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233346",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233346"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233925",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233925"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1234280",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1234280"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1234571",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1234571"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name" : "DSA-3457",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3457"
},
{
"name" : "DSA-3491",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3491"
},
{
"name" : "GLSA-201605-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201605-06"
},
{
"name" : "RHSA-2016:0258",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0258.html"
},
{
"name" : "RHSA-2016:0071",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0071.html"
},
{
"name" : "openSUSE-SU-2016:0306",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"
},
{
"name" : "openSUSE-SU-2016:0309",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"
},
{
"name" : "openSUSE-SU-2016:0310",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html"
},
{
"name" : "SUSE-SU-2016:0338",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html"
},
{
"name" : "openSUSE-SU-2016:0488",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"
},
{
"name" : "openSUSE-SU-2016:0492",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html"
},
{
"name" : "USN-2904-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2904-1"
},
{
"name" : "USN-2880-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2880-1"
},
{
"name" : "USN-2880-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2880-2"
},
{
"name" : "81953",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/81953"
},
{
"name" : "1034825",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034825"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3457",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3457"
},
{
"name": "DSA-3491",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3491"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234571",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234571"
},
{
"name": "openSUSE-SU-2016:0492",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00105.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1223670",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1223670"
},
{
"name": "1034825",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034825"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234280",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1234280"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221385",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1221385"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "RHSA-2016:0071",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0071.html"
},
{
"name": "USN-2880-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2880-1"
},
{
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-01.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-01.html"
},
{
"name": "USN-2880-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2880-2"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1224200",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1224200"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233152",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233152"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230668",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230668"
},
{
"name": "RHSA-2016:0258",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0258.html"
},
{
"name": "SUSE-SU-2016:0338",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00010.html"
},
{
"name": "openSUSE-SU-2016:0309",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"
},
{
"name": "USN-2904-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2904-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230639",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230639"
},
{
"name": "81953",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81953"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230686",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230686"
},
{
"name": "GLSA-201605-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-06"
},
{
"name": "openSUSE-SU-2016:0488",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html"
},
{
"name": "openSUSE-SU-2016:0306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"
},
{
"name": "openSUSE-SU-2016:0310",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00003.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233346",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233346"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230483",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1230483"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233925",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233925"
}
]
}
}

160
2016/5xxx/CVE-2016-5086.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5086",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Johnson & Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentication via replay attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-5086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS",
"refsource" : "MISC",
"url" : "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS"
},
{
"name" : "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump",
"refsource" : "MISC",
"url" : "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01"
},
{
"name" : "VU#884840",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/884840"
},
{
"name" : "93351",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93351"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Johnson & Johnson Animas OneTouch Ping devices allow remote attackers to bypass authentication via replay attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/infosec/blog/2016/10/04/r7-2016-07-multiple-vulnerabilities-in-animas-onetouch-ping-insulin-pump"
},
{
"name": "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/BLUU-A9SQRS"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-16-279-01"
},
{
"name": "VU#884840",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/884840"
},
{
"name": "93351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93351"
}
]
}
}

34
2016/5xxx/CVE-2016-5122.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5122",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5122",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

210
2016/5xxx/CVE-2016-5400.json
View File

@ -1,107 +1,107 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com",
"ID" : "CVE-2016-5400",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-5400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160725 CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/07/25/1"
},
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa93d1fee85c890a34f2510a310e55ee76a27848",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa93d1fee85c890a34f2510a310e55ee76a27848"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358184",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358184"
},
{
"name" : "https://github.com/torvalds/linux/commit/aa93d1fee85c890a34f2510a310e55ee76a27848",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/aa93d1fee85c890a34f2510a310e55ee76a27848"
},
{
"name" : "USN-3070-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3070-2"
},
{
"name" : "USN-3070-3",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3070-3"
},
{
"name" : "USN-3070-4",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3070-4"
},
{
"name" : "USN-3070-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3070-1"
},
{
"name" : "92104",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92104"
},
{
"name" : "1036432",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036432"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3070-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-1"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa93d1fee85c890a34f2510a310e55ee76a27848",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=aa93d1fee85c890a34f2510a310e55ee76a27848"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1358184",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358184"
},
{
"name": "USN-3070-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-3"
},
{
"name": "[oss-security] 20160725 CVE-2016-5400 - linux kernel: denial of service in airspy USB driver.",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/07/25/1"
},
{
"name": "USN-3070-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-2"
},
{
"name": "1036432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036432"
},
{
"name": "USN-3070-4",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3070-4"
},
{
"name": "https://github.com/torvalds/linux/commit/aa93d1fee85c890a34f2510a310e55ee76a27848",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/aa93d1fee85c890a34f2510a310e55ee76a27848"
},
{
"name": "92104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92104"
}
]
}
}

34
2018/2xxx/CVE-2018-2100.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2100",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2100",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

34
2018/2xxx/CVE-2018-2111.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2111",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2111",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

34
2018/2xxx/CVE-2018-2163.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2163",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2163",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

34
2018/2xxx/CVE-2018-2290.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2290",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2290",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

34
2018/2xxx/CVE-2018-2534.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2534",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-2534",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

132
2018/2xxx/CVE-2018-2827.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2827",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Hospitality Suite8",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "8.x"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Profile). The supported version that is affected is 8.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suite8 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Suite8 accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Suite8. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suite8 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Suite8 accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Suite8."
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Hospitality Suite8",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "8.x"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name" : "103914",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103914"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Profile). The supported version that is affected is 8.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suite8 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Suite8 accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Suite8. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Suite8. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suite8 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Suite8 accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Suite8."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103914"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
}
]
}
}

34
2018/6xxx/CVE-2018-6276.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6276",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6276",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

178
2018/6xxx/CVE-2018-6670.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@mcafee.com",
"ID" : "CVE-2018-6670",
"STATE" : "PUBLIC",
"TITLE" : "External Entity Attack vulnerability in McAfee Common UI (CUI)"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Common UI (CUI)",
"version" : {
"version_data" : [
{
"platform" : "x86",
"version_name" : "2.0.2",
"version_value" : "2.0.2"
}
]
}
}
]
},
"vendor_name" : "McAfee"
}
]
}
},
"credit" : [
{
"lang" : "eng",
"value" : "McAfee credits Łukasz Juszczyk from ING Business Shared Services B.V. for reporting this flaw."
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows remote authenticated users to view confidential information via a crafted HTTP request parameter."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "LOW",
"baseScore" : 7.6,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:L",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "External Entity Attack vulnerability\n"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2018-6670",
"STATE": "PUBLIC",
"TITLE": "External Entity Attack vulnerability in McAfee Common UI (CUI)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Common UI (CUI)",
"version": {
"version_data": [
{
"platform": "x86",
"version_name": "2.0.2",
"version_value": "2.0.2"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10236",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10236"
}
]
},
"source" : {
"advisory" : "SB10236",
"discovery" : "EXTERNAL"
}
}
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits \u0141ukasz Juszczyk from ING Business Shared Services B.V. for reporting this flaw."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows remote authenticated users to view confidential information via a crafted HTTP request parameter."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "External Entity Attack vulnerability\n"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10236",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10236"
}
]
},
"source": {
"advisory": "SB10236",
"discovery": "EXTERNAL"
}
}

120
2018/6xxx/CVE-2018-6909.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6909",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application could be used by a remote attacker for clickjacking, as demonstrated by triggering an API page request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6909",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger",
"refsource" : "MISC",
"url" : "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application could be used by a remote attacker for clickjacking, as demonstrated by triggering an API page request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger",
"refsource": "MISC",
"url": "http://www.irongeek.com/i.php?page=videos/bsidesrdu2018/bsidesrdu-2018-07-when-it-rains-it-pours-sam-granger"
}
]
}
}

142
2019/0xxx/CVE-2019-0106.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0106",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2019-02-12T00:00:00",
"ID": "CVE-2019-0106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
},
{
"name" : "107069",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107069"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient run protection in install routine for Intel(R) Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
},
{
"name": "107069",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107069"
}
]
}
}

142
2019/0xxx/CVE-2019-0111.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2019-02-12T00:00:00",
"ID" : "CVE-2019-0111",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2019-02-12T00:00:00",
"ID": "CVE-2019-0111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource" : "CONFIRM",
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
},
{
"name" : "107067",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107067"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107067",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107067"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00215.html"
}
]
}
}

34
2019/0xxx/CVE-2019-0141.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0141",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0141",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0298.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0298",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0298",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0505.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0505",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0505",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1807.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1807",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1807",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1899.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1899",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1899",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

142
2019/1xxx/CVE-2019-1999.json
View File

@ -1,73 +1,73 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2019-02-04T00:00:00",
"ID" : "CVE-2019-1999",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Android kernel"
}
]
}
}
]
},
"vendor_name" : "Android"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2019-02-04T00:00:00",
"ID": "CVE-2019-1999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "Android"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "46357",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/46357/"
},
{
"name" : "https://source.android.com/security/bulletin/2019-02-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2019-02-01"
},
{
"name" : "106851",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106851"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106851",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106851"
},
{
"name": "https://source.android.com/security/bulletin/2019-02-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-02-01"
},
{
"name": "46357",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46357/"
}
]
}
}

34
2019/5xxx/CVE-2019-5162.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5162",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5162",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5313.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5313",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5313",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5530.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5530",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5530",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5701.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5701",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5701",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5715.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5715",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5715",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}