admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:00:55 +00:00
parent a932150dd6
commit 607c5b31ac
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3220 additions and 3220 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
1999/0xxx/CVE-1999-0761.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0761", "ID": "CVE-1999-0761",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program." "value": "Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "644", "name": "644",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/644" "url": "http://www.securityfocus.com/bid/644"
}, },
{ {
"name" : "1074", "name": "1074",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/1074" "url": "http://www.osvdb.org/1074"
} }
] ]
} }

74
1999/0xxx/CVE-1999-0784.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0784", "ID": "CVE-1999-0784",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP." "value": "Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "19980827 NERP DoS attack possible in Oracle", "name": "19980827 NERP DoS attack possible in Oracle",
"refsource" : "NTBUGTRAQ", "refsource": "NTBUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/ntbugtraq/1998/msg00536.html" "url": "http://archives.neohapsis.com/archives/ntbugtraq/1998/msg00536.html"
}, },
{ {
"name" : "19990104 Re: Fw:\"NERP\" DoS attack possible in Oracle", "name": "19981228 Oracle8 TNSLSNR DoS",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/1999_1/0056.html" "url": "http://archives.neohapsis.com/archives/bugtraq/1998_4/0764.html"
}, },
{ {
"name" : "19981228 Oracle8 TNSLSNR DoS", "name": "19990104 Re: Fw:\"NERP\" DoS attack possible in Oracle",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/1998_4/0764.html" "url": "http://archives.neohapsis.com/archives/bugtraq/1999_1/0056.html"
} }
] ]
} }

68
1999/1xxx/CVE-1999-1151.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1151", "ID": "CVE-1999-1151",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password." "value": "Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "19980603 Compaq/Microcom 6000 DoS + more", "name": "19980603 Compaq/Microcom 6000 DoS + more",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=90296493106214&w=2" "url": "http://marc.info/?l=bugtraq&m=90296493106214&w=2"
}, },
{ {
"name" : "microcom-dos(2089)", "name": "microcom-dos(2089)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2089" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2089"
} }
] ]
} }

104
2007/0xxx/CVE-2007-0694.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0694", "ID": "CVE-2007-0694",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote attackers to inject arbitrary web script or HTML via the copyright parameter." "value": "Cross-site scripting (XSS) vulnerability in footer.php in DGNews 2.1 allows remote attackers to inject arbitrary web script or HTML via the copyright parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070528 DGNews version 2.1 XSS Attack Vulnerability", "name": "25438",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/469829/100/0/threaded" "url": "http://secunia.com/advisories/25438"
}, },
{ {
"name" : "http://www.netvigilance.com/advisory0023", "name": "2739",
"refsource" : "MISC", "refsource": "SREASON",
"url" : "http://www.netvigilance.com/advisory0023" "url": "http://securityreason.com/securityalert/2739"
}, },
{ {
"name" : "24200", "name": "24200",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/24200" "url": "http://www.securityfocus.com/bid/24200"
}, },
{ {
"name" : "ADV-2007-1981", "name": "34228",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2007/1981" "url": "http://www.osvdb.org/34228"
}, },
{ {
"name" : "34228", "name": "ADV-2007-1981",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/34228" "url": "http://www.vupen.com/english/advisories/2007/1981"
}, },
{ {
"name" : "25438", "name": "dgnews-footer-xss(34537)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/25438" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34537"
}, },
{ {
"name" : "2739", "name": "20070528 DGNews version 2.1 XSS Attack Vulnerability",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/2739" "url": "http://www.securityfocus.com/archive/1/469829/100/0/threaded"
}, },
{ {
"name" : "dgnews-footer-xss(34537)", "name": "http://www.netvigilance.com/advisory0023",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34537" "url": "http://www.netvigilance.com/advisory0023"
} }
] ]
} }

80
2007/1xxx/CVE-2007-1056.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1056", "ID": "CVE-2007-1056",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the \"VMware tools service\" service. NOTE: exploitation is simplified via (1) weak file permissions (Users = Read & Execute) for %PROGRAMFILES%\\VMware; and weak registry key permissions (access by Users) for (2) vmmouse, (3) vmscsi, (4) VMTools, (5) vmx_svga, and (6) vmxnet in HKLM\\SYSTEM\\CurrentControlSet\\Services\\; which allows local users to perform various privileged actions outside of the guest OS by executing certain files under %PROGRAMFILES%\\VMware\\VMware Tools, as demonstrated by (a) VMControlPanel.cpl and (b) vmwareservice.exe." "value": "VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the \"VMware tools service\" service. NOTE: exploitation is simplified via (1) weak file permissions (Users = Read & Execute) for %PROGRAMFILES%\\VMware; and weak registry key permissions (access by Users) for (2) vmmouse, (3) vmscsi, (4) VMTools, (5) vmx_svga, and (6) vmxnet in HKLM\\SYSTEM\\CurrentControlSet\\Services\\; which allows local users to perform various privileged actions outside of the guest OS by executing certain files under %PROGRAMFILES%\\VMware\\VMware Tools, as demonstrated by (a) VMControlPanel.cpl and (b) vmwareservice.exe."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070219 VMware Workstation multiple denial of service and isolation manipulation vulnerabilities", "name": "20070219 VMware Workstation multiple denial of service and isolation manipulation vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460664/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/460664/100/0/threaded"
}, },
{ {
"name" : "20070303 Re: VMware Workstation multiple denial of service and isolation manipulation vulnerabilities", "name": "2281",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/461807/100/0/threaded" "url": "http://securityreason.com/securityalert/2281"
}, },
{ {
"name" : "45244", "name": "45244",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/45244" "url": "http://osvdb.org/45244"
}, },
{ {
"name" : "2281", "name": "20070303 Re: VMware Workstation multiple denial of service and isolation manipulation vulnerabilities",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/2281" "url": "http://www.securityfocus.com/archive/1/461807/100/0/threaded"
} }
] ]
} }

80
2007/1xxx/CVE-2007-1162.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1162", "ID": "CVE-2007-1162",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) IsFolderAvailable or (2) RootFolder property value, different vectors than CVE-2007-0371." "value": "A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long (1) IsFolderAvailable or (2) RootFolder property value, different vectors than CVE-2007-0371."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3350", "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/22645.html",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/3350" "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/22645.html"
}, },
{ {
"name" : "http://www.securityfocus.com/data/vulnerabilities/exploits/22645.html", "name": "34963",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/data/vulnerabilities/exploits/22645.html" "url": "http://osvdb.org/34963"
}, },
{ {
"name" : "22645", "name": "22645",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/22645" "url": "http://www.securityfocus.com/bid/22645"
}, },
{ {
"name" : "34963", "name": "3350",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/34963" "url": "https://www.exploit-db.com/exploits/3350"
} }
] ]
} }

74
2007/1xxx/CVE-2007-1235.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1235", "ID": "CVE-2007-1235",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file." "value": "Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070223 sitex multiple vulnerabilities", "name": "20070223 sitex multiple vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461305/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/461305/100/0/threaded"
}, },
{ {
"name" : "33157", "name": "33157",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/33157" "url": "http://osvdb.org/33157"
}, },
{ {
"name" : "2373", "name": "2373",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/2373" "url": "http://securityreason.com/securityalert/2373"
} }
] ]
} }

104
2007/1xxx/CVE-2007-1605.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1605", "ID": "CVE-2007-1605",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "w-Agora (Web-Agora) allows remote attackers to obtain sensitive information via a request to rss.php with an invalid (1) site or (2) bn parameter, (3) a certain value of the site[] parameter, or (4) an empty value of the bn[] parameter; a request to index.php with a certain value of the (5) site[] or (6) sort[] parameter; (7) a request to profile.php with an empty value of the site[] parameter; or a request to search.php with (8) an empty value of the bn[] parameter or a certain value of the (9) pattern[] or (10) search_date[] parameter, which reveal the path in various error messages, probably related to variable type inconsistencies. NOTE: the bn[] parameter to index.php is already covered by CVE-2007-0606.1." "value": "w-Agora (Web-Agora) allows remote attackers to obtain sensitive information via a request to rss.php with an invalid (1) site or (2) bn parameter, (3) a certain value of the site[] parameter, or (4) an empty value of the bn[] parameter; a request to index.php with a certain value of the (5) site[] or (6) sort[] parameter; (7) a request to profile.php with an empty value of the site[] parameter; or a request to search.php with (8) an empty value of the bn[] parameter or a certain value of the (9) pattern[] or (10) search_date[] parameter, which reveal the path in various error messages, probably related to variable type inconsistencies. NOTE: the bn[] parameter to index.php is already covered by CVE-2007-0606.1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070320 w-agora [multiples file upload,xss,full path disclosure,error sql]", "name": "34381",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/archive/1/463286/100/0/threaded" "url": "http://osvdb.org/34381"
}, },
{ {
"name" : "23057", "name": "34382",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/23057" "url": "http://osvdb.org/34382"
}, },
{ {
"name" : "34380", "name": "20070320 w-agora [multiples file upload,xss,full path disclosure,error sql]",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://osvdb.org/34380" "url": "http://www.securityfocus.com/archive/1/463286/100/0/threaded"
}, },
{ {
"name" : "34381", "name": "wagora-multiple-path-disclosure(33174)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/34381" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33174"
}, },
{ {
"name" : "34382", "name": "2462",
"refsource" : "OSVDB", "refsource": "SREASON",
"url" : "http://osvdb.org/34382" "url": "http://securityreason.com/securityalert/2462"
}, },
{ {
"name" : "24605", "name": "34380",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/24605" "url": "http://osvdb.org/34380"
}, },
{ {
"name" : "2462", "name": "24605",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/2462" "url": "http://secunia.com/advisories/24605"
}, },
{ {
"name" : "wagora-multiple-path-disclosure(33174)", "name": "23057",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33174" "url": "http://www.securityfocus.com/bid/23057"
} }
] ]
} }

62
2007/1xxx/CVE-2007-1911.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1911", "ID": "CVE-2007-1911",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service (CPU consumption) via crafted documents, as demonstrated by (1) file798-1.doc and (2) file613-1.doc, possibly related to a buffer overflow." "value": "Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service (CPU consumption) via crafted documents, as demonstrated by (1) file798-1.doc and (2) file613-1.doc, possibly related to a buffer overflow."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3690", "name": "3690",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3690" "url": "https://www.exploit-db.com/exploits/3690"
} }
] ]
} }

110
2007/5xxx/CVE-2007-5253.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5253", "ID": "CVE-2007-5253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by an image file extension, as demonstrated by a request for a \".txt%00.gif\" file. NOTE: this might be a directory traversal vulnerability." "value": "c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by an image file extension, as demonstrated by a request for a \".txt%00.gif\" file. NOTE: this might be a directory traversal vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20071004 Cart32 Arbitrary File Download Vulnerability", "name": "http://www.cart32.com/whatsnew.asp",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/481489/100/0/threaded" "url": "http://www.cart32.com/whatsnew.asp"
}, },
{ {
"name" : "30639", "name": "38580",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/30639/" "url": "http://osvdb.org/38580"
}, },
{ {
"name" : "http://www.cart32.com/whatsnew.asp", "name": "27061",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.cart32.com/whatsnew.asp" "url": "http://secunia.com/advisories/27061"
}, },
{ {
"name" : "http://www.security-assessment.com/files/advisories/2007-10-04_Cart32_Arbitrary_File_Download.pdf", "name": "25928",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.security-assessment.com/files/advisories/2007-10-04_Cart32_Arbitrary_File_Download.pdf" "url": "http://www.securityfocus.com/bid/25928"
}, },
{ {
"name" : "25928", "name": "cart32-c32web-information-disclosure(36954)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/25928" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36954"
}, },
{ {
"name" : "38580", "name": "30639",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://osvdb.org/38580" "url": "https://www.exploit-db.com/exploits/30639/"
}, },
{ {
"name" : "27061", "name": "http://www.security-assessment.com/files/advisories/2007-10-04_Cart32_Arbitrary_File_Download.pdf",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/27061" "url": "http://www.security-assessment.com/files/advisories/2007-10-04_Cart32_Arbitrary_File_Download.pdf"
}, },
{ {
"name" : "3194", "name": "20071004 Cart32 Arbitrary File Download Vulnerability",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/3194" "url": "http://www.securityfocus.com/archive/1/481489/100/0/threaded"
}, },
{ {
"name" : "cart32-c32web-information-disclosure(36954)", "name": "3194",
"refsource" : "XF", "refsource": "SREASON",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36954" "url": "http://securityreason.com/securityalert/3194"
} }
] ]
} }

86
2007/5xxx/CVE-2007-5385.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5385", "ID": "CVE-2007-5385",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20071008 BT Home Flub: Pwnin the BT Home Hub", "name": "3213",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/481835/100/0/threaded" "url": "http://securityreason.com/securityalert/3213"
}, },
{ {
"name" : "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub", "name": "25972",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub" "url": "http://www.securityfocus.com/bid/25972"
}, },
{ {
"name" : "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/", "name": "20071008 BT Home Flub: Pwnin the BT Home Hub",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/" "url": "http://www.securityfocus.com/archive/1/481835/100/0/threaded"
}, },
{ {
"name" : "25972", "name": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/25972" "url": "http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub"
}, },
{ {
"name" : "3213", "name": "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/",
"refsource" : "SREASON", "refsource": "MISC",
"url" : "http://securityreason.com/securityalert/3213" "url": "http://www.theregister.co.uk/2007/10/09/bt_home_hub_vuln/"
} }
] ]
} }

134
2007/5xxx/CVE-2007-5568.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5568", "ID": "CVE-2007-5568",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM)." "value": "Cisco PIX and ASA appliances with 7.0 through 8.0 software, and Cisco Firewall Services Module (FWSM) 3.1(5) and earlier, allow remote attackers to cause a denial of service (device reload) via a crafted MGCP packet, aka CSCsi90468 (appliance) and CSCsi00694 (FWSM)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20071017 Multiple Vulnerabilities in Cisco PIX and ASA Appliance", "name": "cisco-asa-pix-mgcp-dos(37259)",
"refsource" : "CISCO", "refsource": "XF",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37259"
}, },
{ {
"name" : "20071017 Multiple Vulnerabilities in Firewall Services Module", "name": "20071017 Multiple Vulnerabilities in Cisco PIX and ASA Appliance",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml" "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml"
}, },
{ {
"name" : "26104", "name": "1018827",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/26104" "url": "http://www.securitytracker.com/id?1018827"
}, },
{ {
"name" : "26109", "name": "27193",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/26109" "url": "http://secunia.com/advisories/27193"
}, },
{ {
"name" : "ADV-2007-3530", "name": "26109",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2007/3530" "url": "http://www.securityfocus.com/bid/26109"
}, },
{ {
"name" : "ADV-2007-3531", "name": "20071017 Multiple Vulnerabilities in Firewall Services Module",
"refsource" : "VUPEN", "refsource": "CISCO",
"url" : "http://www.vupen.com/english/advisories/2007/3531" "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda61.shtml"
}, },
{ {
"name" : "1018825", "name": "1018825",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018825" "url": "http://www.securitytracker.com/id?1018825"
}, },
{ {
"name" : "1018826", "name": "ADV-2007-3531",
"refsource" : "SECTRACK", "refsource": "VUPEN",
"url" : "http://www.securitytracker.com/id?1018826" "url": "http://www.vupen.com/english/advisories/2007/3531"
}, },
{ {
"name" : "1018827", "name": "cisco-fwsm-mgcp-dos(37257)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id?1018827" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37257"
}, },
{ {
"name" : "27193", "name": "ADV-2007-3530",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/27193" "url": "http://www.vupen.com/english/advisories/2007/3530"
}, },
{ {
"name" : "27236", "name": "1018826",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/27236" "url": "http://www.securitytracker.com/id?1018826"
}, },
{ {
"name" : "cisco-asa-pix-mgcp-dos(37259)", "name": "27236",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37259" "url": "http://secunia.com/advisories/27236"
}, },
{ {
"name" : "cisco-fwsm-mgcp-dos(37257)", "name": "26104",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37257" "url": "http://www.securityfocus.com/bid/26104"
} }
] ]
} }

110
2007/5xxx/CVE-2007-5637.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5637", "ID": "CVE-2007-5637",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables \"surveillance mode.\" NOTE: issues relating to a small ID number space can be leveraged to make this attack easier." "value": "The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables \"surveillance mode.\" NOTE: issues relating to a small ID number space can be leveraged to make this attack easier."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20071018 Nortel IP Phone Surveillance Mode", "name": "nortel-ipphone-unistim-audio-hijacking(37255)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/482478/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37255"
}, },
{ {
"name" : "http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt", "name": "41769",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt" "url": "http://osvdb.org/41769"
}, },
{ {
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714", "name": "27234",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714" "url": "http://secunia.com/advisories/27234"
}, },
{ {
"name" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf", "name": "http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf" "url": "http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt"
}, },
{ {
"name" : "26120", "name": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/26120" "url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf"
}, },
{ {
"name" : "41769", "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/41769" "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714"
}, },
{ {
"name" : "27234", "name": "3272",
"refsource" : "SECUNIA", "refsource": "SREASON",
"url" : "http://secunia.com/advisories/27234" "url": "http://securityreason.com/securityalert/3272"
}, },
{ {
"name" : "3272", "name": "20071018 Nortel IP Phone Surveillance Mode",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/3272" "url": "http://www.securityfocus.com/archive/1/482478/100/0/threaded"
}, },
{ {
"name" : "nortel-ipphone-unistim-audio-hijacking(37255)", "name": "26120",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37255" "url": "http://www.securityfocus.com/bid/26120"
} }
] ]
} }

134
2007/5xxx/CVE-2007-5858.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5858", "ID": "CVE-2007-5858",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to \"navigate the subframes of any other page,\" which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information." "value": "WebKit in Safari in Apple Mac OS X 10.4.11 and 10.5.1, iPhone 1.0 through 1.1.2, and iPod touch 1.1 through 1.1.2 allows remote attackers to \"navigate the subframes of any other page,\" which can be leveraged to conduct cross-site scripting (XSS) attacks and obtain sensitive information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=307179", "name": "http://docs.info.apple.com/article.html?artnum=307178",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=307179" "url": "http://docs.info.apple.com/article.html?artnum=307178"
}, },
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=307178", "name": "ADV-2007-4238",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://docs.info.apple.com/article.html?artnum=307178" "url": "http://www.vupen.com/english/advisories/2007/4238"
}, },
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=307302", "name": "TA07-352A",
"refsource" : "CONFIRM", "refsource": "CERT",
"url" : "http://docs.info.apple.com/article.html?artnum=307302" "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
}, },
{ {
"name" : "APPLE-SA-2007-12-17", "name": "28136",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" "url": "http://secunia.com/advisories/28136"
}, },
{ {
"name" : "APPLE-SA-2008-01-15", "name": "http://docs.info.apple.com/article.html?artnum=307302",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2008/Jan/msg00000.html" "url": "http://docs.info.apple.com/article.html?artnum=307302"
}, },
{ {
"name" : "TA07-352A", "name": "safari-webkit-security-bypass(39091)",
"refsource" : "CERT", "refsource": "XF",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39091"
}, },
{ {
"name" : "26911", "name": "APPLE-SA-2007-12-17",
"refsource" : "BID", "refsource": "APPLE",
"url" : "http://www.securityfocus.com/bid/26911" "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
}, },
{ {
"name" : "ADV-2007-4238", "name": "28497",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/4238" "url": "http://secunia.com/advisories/28497"
}, },
{ {
"name" : "ADV-2008-0147", "name": "http://docs.info.apple.com/article.html?artnum=307179",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2008/0147" "url": "http://docs.info.apple.com/article.html?artnum=307179"
}, },
{ {
"name" : "1019108", "name": "26911",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1019108" "url": "http://www.securityfocus.com/bid/26911"
}, },
{ {
"name" : "28136", "name": "APPLE-SA-2008-01-15",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/28136" "url": "http://lists.apple.com/archives/security-announce/2008/Jan/msg00000.html"
}, },
{ {
"name" : "28497", "name": "ADV-2008-0147",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/28497" "url": "http://www.vupen.com/english/advisories/2008/0147"
}, },
{ {
"name" : "safari-webkit-security-bypass(39091)", "name": "1019108",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39091" "url": "http://securitytracker.com/id?1019108"
} }
] ]
} }

74
2015/3xxx/CVE-2015-3095.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-3095", "ID": "CVE-2015-3095",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5087, CVE-2015-5094, CVE-2015-5100, CVE-2015-5102, CVE-2015-5103, CVE-2015-5104, and CVE-2015-5115." "value": "Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5087, CVE-2015-5094, CVE-2015-5100, CVE-2015-5102, CVE-2015-5103, CVE-2015-5104, and CVE-2015-5115."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html", "name": "75402",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://helpx.adobe.com/security/products/reader/apsb15-15.html" "url": "http://www.securityfocus.com/bid/75402"
}, },
{ {
"name" : "75402", "name": "1032892",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/75402" "url": "http://www.securitytracker.com/id/1032892"
}, },
{ {
"name" : "1032892", "name": "https://helpx.adobe.com/security/products/reader/apsb15-15.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1032892" "url": "https://helpx.adobe.com/security/products/reader/apsb15-15.html"
} }
] ]
} }

104
2015/3xxx/CVE-2015-3124.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-3124", "ID": "CVE-2015-3124",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117." "value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "37849", "name": "37849",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37849/" "url": "https://www.exploit-db.com/exploits/37849/"
}, },
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html", "name": "1032810",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html" "url": "http://www.securitytracker.com/id/1032810"
}, },
{ {
"name" : "GLSA-201507-13", "name": "SUSE-SU-2015:1211",
"refsource" : "GENTOO", "refsource": "SUSE",
"url" : "https://security.gentoo.org/glsa/201507-13" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html"
}, },
{ {
"name" : "RHSA-2015:1214", "name": "RHSA-2015:1214",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1214.html" "url": "http://rhn.redhat.com/errata/RHSA-2015-1214.html"
}, },
{ {
"name" : "SUSE-SU-2015:1211", "name": "SUSE-SU-2015:1214",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html"
}, },
{ {
"name" : "SUSE-SU-2015:1214", "name": "GLSA-201507-13",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html" "url": "https://security.gentoo.org/glsa/201507-13"
}, },
{ {
"name" : "75590", "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/75590" "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html"
}, },
{ {
"name" : "1032810", "name": "75590",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1032810" "url": "http://www.securityfocus.com/bid/75590"
} }
] ]
} }

22
2015/3xxx/CVE-2015-3945.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-3945", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2015-3945",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none."
} }
] ]
} }

68
2015/4xxx/CVE-2015-4260.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-4260", "ID": "CVE-2015-4260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Cisco Hosted Collaboration Solution 10.6(1) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCuu14862." "value": "Cross-site scripting (XSS) vulnerability in Cisco Hosted Collaboration Solution 10.6(1) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCuu14862."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20150709 Cisco Hosted Collaboration Solution Cross-Site Scripting Vulnerability", "name": "20150709 Cisco Hosted Collaboration Solution Cross-Site Scripting Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39804" "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39804"
}, },
{ {
"name" : "1032840", "name": "1032840",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032840" "url": "http://www.securitytracker.com/id/1032840"
} }
] ]
} }

110
2015/4xxx/CVE-2015-4600.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-4600", "ID": "CVE-2015-4600",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods." "value": "The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to \"type confusion\" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20150616 Re: CVE Request: various issues in PHP", "name": "1032709",
"refsource" : "MLIST", "refsource": "SECTRACK",
"url" : "http://www.openwall.com/lists/oss-security/2015/06/16/12" "url": "http://www.securitytracker.com/id/1032709"
}, },
{ {
"name" : "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8" "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
}, },
{ {
"name" : "http://php.net/ChangeLog-5.php", "name": "http://php.net/ChangeLog-5.php",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://php.net/ChangeLog-5.php" "url": "http://php.net/ChangeLog-5.php"
}, },
{ {
"name" : "https://bugs.php.net/bug.php?id=69152", "name": "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=69152" "url": "http://git.php.net/?p=php-src.git;a=commit;h=0c136a2abd49298b66acb0cad504f0f972f5bfe8"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "name": "https://bugs.php.net/bug.php?id=69152",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" "url": "https://bugs.php.net/bug.php?id=69152"
}, },
{ {
"name" : "RHSA-2015:1135", "name": "[oss-security] 20150616 Re: CVE Request: various issues in PHP",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1135.html" "url": "http://www.openwall.com/lists/oss-security/2015/06/16/12"
}, },
{ {
"name" : "RHSA-2015:1218", "name": "RHSA-2015:1135",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1218.html" "url": "http://rhn.redhat.com/errata/RHSA-2015-1135.html"
}, },
{ {
"name" : "74413", "name": "74413",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/74413" "url": "http://www.securityfocus.com/bid/74413"
}, },
{ {
"name" : "1032709", "name": "RHSA-2015:1218",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id/1032709" "url": "http://rhn.redhat.com/errata/RHSA-2015-1218.html"
} }
] ]
} }

22
2015/7xxx/CVE-2015-7123.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7123", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2015-7123",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }

62
2015/7xxx/CVE-2015-7263.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-7263", "ID": "CVE-2015-7263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Facebook Proxygen before 2015-11-09", "product_name": "Facebook Proxygen before 2015-11-09",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Facebook Proxygen before 2015-11-09" "version_value": "Facebook Proxygen before 2015-11-09"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value." "value": "The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unsafe URL encoding" "value": "Unsafe URL encoding"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://groups.google.com/forum/#!topic/facebook-proxygen/K8wCXbW4ihs", "name": "https://groups.google.com/forum/#!topic/facebook-proxygen/K8wCXbW4ihs",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://groups.google.com/forum/#!topic/facebook-proxygen/K8wCXbW4ihs" "url": "https://groups.google.com/forum/#!topic/facebook-proxygen/K8wCXbW4ihs"
} }
] ]
} }

22
2015/7xxx/CVE-2015-7339.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7339", "ID": "CVE-2015-7339",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2015/8xxx/CVE-2015-8097.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8097", "ID": "CVE-2015-8097",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

134
2015/8xxx/CVE-2015-8635.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8635", "ID": "CVE-2015-8635",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650." "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "39220", "name": "openSUSE-SU-2015:2403",
"refsource" : "EXPLOIT-DB", "refsource": "SUSE",
"url" : "https://www.exploit-db.com/exploits/39220/" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html"
}, },
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", "name": "1034544",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" "url": "http://www.securitytracker.com/id/1034544"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", "name": "RHSA-2015:2697",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html"
}, },
{ {
"name" : "GLSA-201601-03", "name": "SUSE-SU-2015:2401",
"refsource" : "GENTOO", "refsource": "SUSE",
"url" : "https://security.gentoo.org/glsa/201601-03" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html"
}, },
{ {
"name" : "RHSA-2015:2697", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2697.html" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}, },
{ {
"name" : "SUSE-SU-2015:2401", "name": "39220",
"refsource" : "SUSE", "refsource": "EXPLOIT-DB",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" "url": "https://www.exploit-db.com/exploits/39220/"
}, },
{ {
"name" : "SUSE-SU-2015:2402", "name": "SUSE-SU-2015:2402",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html"
}, },
{ {
"name" : "openSUSE-SU-2015:2400", "name": "79701",
"refsource" : "SUSE", "refsource": "BID",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" "url": "http://www.securityfocus.com/bid/79701"
}, },
{ {
"name" : "openSUSE-SU-2015:2403", "name": "openSUSE-SU-2015:2400",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html"
}, },
{ {
"name" : "79701", "name": "GLSA-201601-03",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/79701" "url": "https://security.gentoo.org/glsa/201601-03"
}, },
{ {
"name" : "1034544", "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1034544" "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
} }
] ]
} }

70
2015/9xxx/CVE-2015-9111.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9111", "ID": "CVE-2015-9111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile", "product_name": "Snapdragon Automobile, Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A" "version_value": "MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur." "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted Pointer Dereference in TrustZone" "value": "Untrusted Pointer Dereference in TrustZone"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01" "url": "https://source.android.com/security/bulletin/2018-04-01"
}, },
{ {
"name" : "103671", "name": "103671",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/103671" "url": "http://www.securityfocus.com/bid/103671"
} }
] ]
} }

146
2016/0xxx/CVE-2016-0634.json
View File

@ -1,131 +1,131 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0634", "ID": "CVE-2016-0634",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The expansion of '\\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine." "value": "The expansion of '\\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160916 CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "[oss-security] 20160927 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/16/8" "url": "http://www.openwall.com/lists/oss-security/2016/09/27/9"
}, },
{ {
"name" : "[oss-security] 20160916 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "[oss-security] 20160916 CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/16/12" "url": "http://www.openwall.com/lists/oss-security/2016/09/16/8"
}, },
{ {
"name" : "[oss-security] 20160918 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "RHSA-2017:0725",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/18/11" "url": "http://rhn.redhat.com/errata/RHSA-2017-0725.html"
}, },
{ {
"name" : "[oss-security] 20160919 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "[oss-security] 20160929 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/19/7" "url": "http://www.openwall.com/lists/oss-security/2016/09/29/27"
}, },
{ {
"name" : "[oss-security] 20160920 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "[oss-security] 20160920 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/20/1" "url": "http://www.openwall.com/lists/oss-security/2016/09/20/1"
}, },
{ {
"name" : "[oss-security] 20160927 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "92999",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/27/9" "url": "http://www.securityfocus.com/bid/92999"
}, },
{ {
"name" : "[oss-security] 20160929 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "RHSA-2017:1931",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/29/27" "url": "https://access.redhat.com/errata/RHSA-2017:1931"
}, },
{ {
"name" : "[oss-security] 20161007 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "[oss-security] 20161007 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/07/6" "url": "http://www.openwall.com/lists/oss-security/2016/10/07/6"
}, },
{ {
"name" : "[oss-security] 20161010 RE: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "[oss-security] 20160918 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/10/3" "url": "http://www.openwall.com/lists/oss-security/2016/09/18/11"
}, },
{ {
"name" : "[oss-security] 20161010 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME", "name": "[oss-security] 20160919 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/10/10/4" "url": "http://www.openwall.com/lists/oss-security/2016/09/19/7"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1377613", "name": "[oss-security] 20161010 Re: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1377613" "url": "http://www.openwall.com/lists/oss-security/2016/10/10/4"
}, },
{ {
"name" : "GLSA-201612-39", "name": "[oss-security] 20160916 Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "GENTOO", "refsource": "MLIST",
"url" : "https://security.gentoo.org/glsa/201612-39" "url": "http://www.openwall.com/lists/oss-security/2016/09/16/12"
}, },
{ {
"name" : "RHSA-2017:0725", "name": "GLSA-201612-39",
"refsource" : "REDHAT", "refsource": "GENTOO",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0725.html" "url": "https://security.gentoo.org/glsa/201612-39"
}, },
{ {
"name" : "RHSA-2017:1931", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1377613",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2017:1931" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377613"
}, },
{ {
"name" : "92999", "name": "[oss-security] 20161010 RE: Re: CVE-2016-0634 -- bash prompt expanding $HOSTNAME",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/92999" "url": "http://www.openwall.com/lists/oss-security/2016/10/10/3"
} }
] ]
} }

74
2016/1xxx/CVE-2016-1091.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1091", "ID": "CVE-2016-1091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993." "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", "name": "1036986",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" "url": "http://www.securitytracker.com/id/1036986"
}, },
{ {
"name" : "93491", "name": "93491",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/93491" "url": "http://www.securityfocus.com/bid/93491"
}, },
{ {
"name" : "1036986", "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036986" "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
} }
] ]
} }

86
2016/1xxx/CVE-2016-1108.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1108", "ID": "CVE-2016-1108",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", "name": "SUSE-SU-2016:1305",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
}, },
{ {
"name" : "MS16-064", "name": "1035827",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" "url": "http://www.securitytracker.com/id/1035827"
}, },
{ {
"name" : "RHSA-2016:1079", "name": "MS16-064",
"refsource" : "REDHAT", "refsource": "MS",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064"
}, },
{ {
"name" : "SUSE-SU-2016:1305", "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html"
}, },
{ {
"name" : "1035827", "name": "RHSA-2016:1079",
"refsource" : "SECTRACK", "refsource": "REDHAT",
"url" : "http://www.securitytracker.com/id/1035827" "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html"
} }
] ]
} }

68
2016/1xxx/CVE-2016-1477.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1477", "ID": "CVE-2016-1477",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891." "value": "Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a notification service password by reading administrative pages, aka Bug ID CSCuz92891."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20160810 Cisco Connected Streaming Analytics Unauthorized Access Vulnerability", "name": "92398",
"refsource" : "CISCO", "refsource": "BID",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160810-csa" "url": "http://www.securityfocus.com/bid/92398"
}, },
{ {
"name" : "92398", "name": "20160810 Cisco Connected Streaming Analytics Unauthorized Access Vulnerability",
"refsource" : "BID", "refsource": "CISCO",
"url" : "http://www.securityfocus.com/bid/92398" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160810-csa"
} }
] ]
} }

62
2016/1xxx/CVE-2016-1501.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1501", "ID": "CVE-2016-1501",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages." "value": "ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain sensitive information via unspecified vectors, which reveals the installation path in the resulting exception messages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-004", "name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-004",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-004" "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-004"
} }
] ]
} }

80
2016/1xxx/CVE-2016-1853.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1853", "ID": "CVE-2016-1853",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support." "value": "Tcl in Apple OS X before 10.11.5 allows remote attackers to obtain sensitive information by leveraging SSLv2 support."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT206567", "name": "https://support.apple.com/HT206567",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT206567" "url": "https://support.apple.com/HT206567"
}, },
{ {
"name" : "APPLE-SA-2016-05-16-4", "name": "APPLE-SA-2016-05-16-4",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
}, },
{ {
"name" : "90696", "name": "90696",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/90696" "url": "http://www.securityfocus.com/bid/90696"
}, },
{ {
"name" : "1035895", "name": "1035895",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035895" "url": "http://www.securitytracker.com/id/1035895"
} }
] ]
} }

74
2016/5xxx/CVE-2016-5091.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5091", "ID": "CVE-2016-5091",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action." "value": "Extbase in TYPO3 4.3.0 before 6.2.24, 7.x before 7.6.8, and 8.1.1 allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted Extbase action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160525 CVE-Request: TYPO3 Extbase Missing Access Check", "name": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/25/4" "url": "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/"
}, },
{ {
"name" : "[oss-security] 20160526 Re: CVE-Request: TYPO3 Extbase Missing Access Check", "name": "[oss-security] 20160525 CVE-Request: TYPO3 Extbase Missing Access Check",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/26/2" "url": "http://www.openwall.com/lists/oss-security/2016/05/25/4"
}, },
{ {
"name" : "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/", "name": "[oss-security] 20160526 Re: CVE-Request: TYPO3 Extbase Missing Access Check",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-013/" "url": "http://www.openwall.com/lists/oss-security/2016/05/26/2"
} }
] ]
} }

158
2016/5xxx/CVE-2016-5129.json
View File

@ -1,141 +1,141 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5129", "ID": "CVE-2016-5129",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code." "value": "Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", "name": "openSUSE-SU-2016:1868",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html"
}, },
{ {
"name" : "https://codereview.chromium.org/2078403002/", "name": "openSUSE-SU-2016:1869",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://codereview.chromium.org/2078403002/" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html"
}, },
{ {
"name" : "https://codereview.chromium.org/2102243002", "name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://codereview.chromium.org/2102243002" "url": "https://source.android.com/security/bulletin/2017-04-01"
}, },
{ {
"name" : "https://codereview.chromium.org/2111133002", "name": "92053",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://codereview.chromium.org/2111133002" "url": "http://www.securityfocus.com/bid/92053"
}, },
{ {
"name" : "https://crbug.com/620553", "name": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://crbug.com/620553" "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2017-04-01", "name": "USN-3041-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://source.android.com/security/bulletin/2017-04-01" "url": "http://www.ubuntu.com/usn/USN-3041-1"
}, },
{ {
"name" : "DSA-3637", "name": "openSUSE-SU-2016:1918",
"refsource" : "DEBIAN", "refsource": "SUSE",
"url" : "http://www.debian.org/security/2016/dsa-3637" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html"
}, },
{ {
"name" : "GLSA-201610-09", "name": "https://codereview.chromium.org/2078403002/",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201610-09" "url": "https://codereview.chromium.org/2078403002/"
}, },
{ {
"name" : "RHSA-2016:1485", "name": "https://crbug.com/620553",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1485.html" "url": "https://crbug.com/620553"
}, },
{ {
"name" : "openSUSE-SU-2016:1865", "name": "https://codereview.chromium.org/2102243002",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html" "url": "https://codereview.chromium.org/2102243002"
}, },
{ {
"name" : "openSUSE-SU-2016:1868", "name": "https://codereview.chromium.org/2111133002",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html" "url": "https://codereview.chromium.org/2111133002"
}, },
{ {
"name" : "openSUSE-SU-2016:1869", "name": "GLSA-201610-09",
"refsource" : "SUSE", "refsource": "GENTOO",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html" "url": "https://security.gentoo.org/glsa/201610-09"
}, },
{ {
"name" : "openSUSE-SU-2016:1918", "name": "openSUSE-SU-2016:1865",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html"
}, },
{ {
"name" : "USN-3041-1", "name": "RHSA-2016:1485",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/USN-3041-1" "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html"
}, },
{ {
"name" : "92053", "name": "1036428",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/92053" "url": "http://www.securitytracker.com/id/1036428"
}, },
{ {
"name" : "1038201", "name": "1038201",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038201" "url": "http://www.securitytracker.com/id/1038201"
}, },
{ {
"name" : "1036428", "name": "DSA-3637",
"refsource" : "SECTRACK", "refsource": "DEBIAN",
"url" : "http://www.securitytracker.com/id/1036428" "url": "http://www.debian.org/security/2016/dsa-3637"
} }
] ]
} }

80
2016/5xxx/CVE-2016-5405.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5405", "ID": "CVE-2016-5405",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords." "value": "389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstation 6 through 7 allows remote attackers to obtain user passwords."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358865", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1358865",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1358865" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358865"
}, },
{ {
"name" : "RHSA-2016:2594", "name": "RHSA-2016:2594",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2594.html" "url": "http://rhn.redhat.com/errata/RHSA-2016-2594.html"
}, },
{ {
"name" : "RHSA-2016:2765", "name": "RHSA-2016:2765",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2765.html" "url": "http://rhn.redhat.com/errata/RHSA-2016-2765.html"
}, },
{ {
"name" : "93884", "name": "93884",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/93884" "url": "http://www.securityfocus.com/bid/93884"
} }
] ]
} }

22
2016/5xxx/CVE-2016-5931.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5931", "ID": "CVE-2016-5931",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2018/2xxx/CVE-2018-2314.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-2314", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2018-2314",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
} }
] ]
} }

150
2018/2xxx/CVE-2018-2665.json
View File

@ -1,135 +1,135 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2665", "ID": "CVE-2018-2665",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.5.58 and prior" "version_value": "5.5.58 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.6.38 and prior" "version_value": "5.6.38 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.20 and prior" "version_value": "5.7.20 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)." "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update", "name": "RHSA-2018:0587",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html" "url": "https://access.redhat.com/errata/RHSA-2018:0587"
}, },
{ {
"name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", "name": "DSA-4341",
"refsource" : "MLIST", "refsource": "DEBIAN",
"url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" "url": "https://www.debian.org/security/2018/dsa-4341"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "name": "USN-3537-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "url": "https://usn.ubuntu.com/3537-1/"
}, },
{ {
"name" : "https://security.netapp.com/advisory/ntap-20180117-0002/", "name": "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://security.netapp.com/advisory/ntap-20180117-0002/" "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html"
}, },
{ {
"name" : "DSA-4091", "name": "RHSA-2018:0586",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "https://www.debian.org/security/2018/dsa-4091" "url": "https://access.redhat.com/errata/RHSA-2018:0586"
}, },
{ {
"name" : "DSA-4341", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "https://www.debian.org/security/2018/dsa-4341" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
}, },
{ {
"name" : "RHSA-2018:0586", "name": "RHSA-2018:2729",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:0586" "url": "https://access.redhat.com/errata/RHSA-2018:2729"
}, },
{ {
"name" : "RHSA-2018:0587", "name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "https://access.redhat.com/errata/RHSA-2018:0587" "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html"
}, },
{ {
"name" : "RHSA-2018:2439", "name": "DSA-4091",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "https://access.redhat.com/errata/RHSA-2018:2439" "url": "https://www.debian.org/security/2018/dsa-4091"
}, },
{ {
"name" : "RHSA-2018:2729", "name": "RHSA-2018:2439",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2729" "url": "https://access.redhat.com/errata/RHSA-2018:2439"
}, },
{ {
"name" : "USN-3537-1", "name": "102681",
"refsource" : "UBUNTU", "refsource": "BID",
"url" : "https://usn.ubuntu.com/3537-1/" "url": "http://www.securityfocus.com/bid/102681"
}, },
{ {
"name" : "USN-3537-2", "name": "USN-3537-2",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "https://usn.ubuntu.com/3537-2/" "url": "https://usn.ubuntu.com/3537-2/"
}, },
{ {
"name" : "102681", "name": "https://security.netapp.com/advisory/ntap-20180117-0002/",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/102681" "url": "https://security.netapp.com/advisory/ntap-20180117-0002/"
}, },
{ {
"name" : "1040216", "name": "1040216",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040216" "url": "http://www.securitytracker.com/id/1040216"
} }
] ]
} }

76
2018/2xxx/CVE-2018-2727.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2727", "ID": "CVE-2018-2727",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Financial Services Market Risk Measurement and Management", "product_name": "Financial Services Market Risk Measurement and Management",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.5" "version_value": "8.0.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Market Risk Measurement and Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Market Risk Measurement and Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Market Risk Measurement and Management accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." "value": "Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Market Risk Measurement and Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Market Risk Measurement and Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Market Risk Measurement and Management accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Market Risk Measurement and Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Market Risk Measurement and Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Market Risk Measurement and Management accessible data." "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Market Risk Measurement and Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Market Risk Measurement and Management accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Market Risk Measurement and Management accessible data."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
}, },
{ {
"name" : "102667", "name": "1040214",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/102667" "url": "http://www.securitytracker.com/id/1040214"
}, },
{ {
"name" : "1040214", "name": "102667",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1040214" "url": "http://www.securityfocus.com/bid/102667"
} }
] ]
} }

22
2018/2xxx/CVE-2018-2745.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-2745", "ID": "CVE-2018-2745",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/0xxx/CVE-2019-0166.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0166", "ID": "CVE-2019-0166",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

84
2019/0xxx/CVE-2019-0267.json
View File

@ -1,80 +1,80 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2019-0267", "ID": "CVE-2019-0267",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP Manufacturing Integration and Intelligence", "product_name": "SAP Manufacturing Integration and Intelligence",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "15.0" "version_value": "15.0"
}, },
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "15.1" "version_value": "15.1"
}, },
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "15.2" "version_value": "15.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application." "value": "SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-Site Request Forgery" "value": "Cross-Site Request Forgery"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://launchpad.support.sap.com/#/notes/2686535", "name": "106990",
"refsource" : "MISC", "refsource": "BID",
"url" : "https://launchpad.support.sap.com/#/notes/2686535" "url": "http://www.securityfocus.com/bid/106990"
}, },
{ {
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943", "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943" "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
}, },
{ {
"name" : "106990", "name": "https://launchpad.support.sap.com/#/notes/2686535",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/106990" "url": "https://launchpad.support.sap.com/#/notes/2686535"
} }
] ]
} }

22
2019/0xxx/CVE-2019-0304.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0304", "ID": "CVE-2019-0304",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/1xxx/CVE-2019-1441.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1441", "ID": "CVE-2019-1441",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/1xxx/CVE-2019-1826.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1826", "ID": "CVE-2019-1826",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4086.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4086", "ID": "CVE-2019-4086",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4106.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4106", "ID": "CVE-2019-4106",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4651.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4651", "ID": "CVE-2019-4651",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4786.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4786", "ID": "CVE-2019-4786",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/5xxx/CVE-2019-5220.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5220", "ID": "CVE-2019-5220",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/5xxx/CVE-2019-5839.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5839", "ID": "CVE-2019-5839",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2019/5xxx/CVE-2019-5913.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2019-5913", "ID": "CVE-2019-5913",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "The installer of LHMelting", "product_name": "The installer of LHMelting",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(LHMelting for Win32 Ver 1.65.3.6 and earlier)" "version_value": "(LHMelting for Win32 Ver 1.65.3.6 and earlier)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Micco" "vendor_name": "Micco"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted search path vulnerability in the installer of LHMelting (LHMelting for Win32 Ver 1.65.3.6 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory." "value": "Untrusted search path vulnerability in the installer of LHMelting (LHMelting for Win32 Ver 1.65.3.6 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted search path vulnerability" "value": "Untrusted search path vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://micco.mars.jp/vul/2017/mhsvi20170515_01.htm", "name": "http://micco.mars.jp/vul/2017/mhsvi20170515_01.htm",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://micco.mars.jp/vul/2017/mhsvi20170515_01.htm" "url": "http://micco.mars.jp/vul/2017/mhsvi20170515_01.htm"
}, },
{ {
"name" : "JVN#83826673", "name": "JVN#83826673",
"refsource" : "JVN", "refsource": "JVN",
"url" : "http://jvn.jp/en/jp/JVN83826673/index.html" "url": "http://jvn.jp/en/jp/JVN83826673/index.html"
} }
] ]
} }

22
2019/9xxx/CVE-2019-9344.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9344", "ID": "CVE-2019-9344",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/9xxx/CVE-2019-9356.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9356", "ID": "CVE-2019-9356",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/9xxx/CVE-2019-9728.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9728", "ID": "CVE-2019-9728",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }