admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 04:01:33 +00:00
parent 44f6dc8b2d
commit 62e04c8f86
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
63 changed files with 3675 additions and 3724 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
2007/0xxx/CVE-2007-0037.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0037",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2007-0037",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
}
]
}
}

170
2007/0xxx/CVE-2007-0633.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0633",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in include/themes/themefunc.php in MyNews 4.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3228",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3228"
},
{
"name" : "22313",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22313"
},
{
"name" : "ADV-2007-0423",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0423"
},
{
"name" : "33019",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33019"
},
{
"name" : "23973",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23973"
},
{
"name" : "mynews-themefunc-file-include(31971)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31971"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in include/themes/themefunc.php in MyNews 4.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myNewsConf[path][sys][index] parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33019",
"refsource": "OSVDB",
"url": "http://osvdb.org/33019"
},
{
"name": "3228",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3228"
},
{
"name": "mynews-themefunc-file-include(31971)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31971"
},
{
"name": "22313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22313"
},
{
"name": "23973",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23973"
},
{
"name": "ADV-2007-0423",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0423"
}
]
}
}

190
2007/0xxx/CVE-2007-0677.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0677",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in fw/class.Quick_Config_Browser.php in Cadre PHP Framework 20020724 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][framework_path] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070131 [ECHO_ADV_63$2007] Cadre remote file inclusion",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/458681/100/0/threaded"
},
{
"name" : "http://echo.or.id/adv/adv63-y3dips-2007.txt",
"refsource" : "MISC",
"url" : "http://echo.or.id/adv/adv63-y3dips-2007.txt"
},
{
"name" : "3237",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3237"
},
{
"name" : "22336",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22336"
},
{
"name" : "ADV-2007-0449",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0449"
},
{
"name" : "33631",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33631"
},
{
"name" : "2215",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2215"
},
{
"name" : "cadre-classquickconfigbrowser-file-include(32005)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32005"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in fw/class.Quick_Config_Browser.php in Cadre PHP Framework 20020724 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[config][framework_path] parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2215",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2215"
},
{
"name": "ADV-2007-0449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0449"
},
{
"name": "33631",
"refsource": "OSVDB",
"url": "http://osvdb.org/33631"
},
{
"name": "22336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22336"
},
{
"name": "http://echo.or.id/adv/adv63-y3dips-2007.txt",
"refsource": "MISC",
"url": "http://echo.or.id/adv/adv63-y3dips-2007.txt"
},
{
"name": "20070131 [ECHO_ADV_63$2007] Cadre remote file inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458681/100/0/threaded"
},
{
"name": "cadre-classquickconfigbrowser-file-include(32005)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32005"
},
{
"name": "3237",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3237"
}
]
}
}

230
2007/0xxx/CVE-2007-0713.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0713",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0713",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070306 Apple QuickTime Player Remote Heap Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461983/100/0/threaded"
},
{
"name" : "http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt",
"refsource" : "MISC",
"url" : "http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt"
},
{
"name" : "APPLE-SA-2007-03-05",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=305149",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305149"
},
{
"name" : "TA07-065A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-065A.html"
},
{
"name" : "VU#880561",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/880561"
},
{
"name" : "22827",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22827"
},
{
"name" : "22843",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22843"
},
{
"name" : "ADV-2007-0825",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0825"
},
{
"name" : "1017725",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017725"
},
{
"name" : "24359",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24359"
},
{
"name" : "quicktime-quicktime-bo(32817)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32817"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted QuickTime movie file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0825"
},
{
"name": "VU#880561",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/880561"
},
{
"name": "quicktime-quicktime-bo(32817)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32817"
},
{
"name": "22827",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22827"
},
{
"name": "24359",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24359"
},
{
"name": "APPLE-SA-2007-03-05",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Mar/msg00000.html"
},
{
"name": "1017725",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017725"
},
{
"name": "http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt",
"refsource": "MISC",
"url": "http://www.piotrbania.com/all/adv/quicktime-heap-adv-7.1.txt"
},
{
"name": "TA07-065A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-065A.html"
},
{
"name": "20070306 Apple QuickTime Player Remote Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461983/100/0/threaded"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305149",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305149"
},
{
"name": "22843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22843"
}
]
}
}

200
2007/0xxx/CVE-2007-0726.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0726",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0726",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://docs.info.apple.com/article.html?artnum=305214",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name" : "APPLE-SA-2007-03-13",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name" : "TA07-072A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name" : "22948",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22948"
},
{
"name" : "ADV-2007-0930",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name" : "34850",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/34850"
},
{
"name" : "1017756",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017756"
},
{
"name" : "24479",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24479"
},
{
"name" : "macos-openssh-dos(32975)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32975"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "TA07-072A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
},
{
"name": "APPLE-SA-2007-03-13",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
},
{
"name": "22948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22948"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=305214",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305214"
},
{
"name": "1017756",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017756"
},
{
"name": "34850",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/34850"
},
{
"name": "macos-openssh-dos(32975)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32975"
},
{
"name": "ADV-2007-0930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0930"
},
{
"name": "24479",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24479"
}
]
}
}

590
2007/0xxx/CVE-2007-0779.json
View File

@ -1,297 +1,297 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0779",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-0779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070226 rPSA-2007-0040-1 firefox",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
},
{
"name" : "20070303 rPSA-2007-0040-3 firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
},
{
"name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-04.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-04.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=361298",
"refsource" : "MISC",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=361298"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1081",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1081"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1103",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1103"
},
{
"name" : "FEDORA-2007-281",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2713"
},
{
"name" : "FEDORA-2007-293",
"refsource" : "FEDORA",
"url" : "http://fedoranews.org/cms/node/2728"
},
{
"name" : "GLSA-200703-04",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200703-04.xml"
},
{
"name" : "GLSA-200703-08",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name" : "MDKSA-2007:050",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
},
{
"name" : "RHSA-2007:0079",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
},
{
"name" : "RHSA-2007:0077",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
},
{
"name" : "RHSA-2007:0078",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
},
{
"name" : "RHSA-2007:0097",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
},
{
"name" : "RHSA-2007:0108",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
},
{
"name" : "20070301-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
},
{
"name" : "20070202-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
},
{
"name" : "SSA:2007-066-03",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"
},
{
"name" : "SSA:2007-066-05",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"
},
{
"name" : "SUSE-SA:2007:019",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
},
{
"name" : "SUSE-SA:2007:022",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
},
{
"name" : "USN-428-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-428-1"
},
{
"name" : "22694",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22694"
},
{
"name" : "oval:org.mitre.oval:def:8757",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757"
},
{
"name" : "ADV-2007-0718",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0718"
},
{
"name" : "ADV-2008-0083",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name" : "32109",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32109"
},
{
"name" : "1017700",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017700"
},
{
"name" : "24238",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24238"
},
{
"name" : "24287",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24287"
},
{
"name" : "24290",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24290"
},
{
"name" : "24205",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24205"
},
{
"name" : "24328",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24328"
},
{
"name" : "24333",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24333"
},
{
"name" : "24343",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24343"
},
{
"name" : "24320",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24320"
},
{
"name" : "24293",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24293"
},
{
"name" : "24393",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24393"
},
{
"name" : "24395",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24395"
},
{
"name" : "24384",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24384"
},
{
"name" : "24437",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24437"
},
{
"name" : "24650",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24650"
},
{
"name" : "24455",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24455"
},
{
"name" : "24457",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24457"
},
{
"name" : "24342",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24342"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom cursor."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2007:0078",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0078.html"
},
{
"name": "oval:org.mitre.oval:def:8757",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8757"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=361298",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=361298"
},
{
"name": "24395",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24395"
},
{
"name": "20070226 rPSA-2007-0040-1 firefox",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461336/100/0/threaded"
},
{
"name": "24328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24328"
},
{
"name": "RHSA-2007:0108",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0108.html"
},
{
"name": "GLSA-200703-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-04.xml"
},
{
"name": "GLSA-200703-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml"
},
{
"name": "SSA:2007-066-03",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851"
},
{
"name": "24384",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24384"
},
{
"name": "1017700",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017700"
},
{
"name": "24457",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24457"
},
{
"name": "24343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24343"
},
{
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "ADV-2007-0718",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0718"
},
{
"name": "24650",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24650"
},
{
"name": "USN-428-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-428-1"
},
{
"name": "24320",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24320"
},
{
"name": "https://issues.rpath.com/browse/RPL-1103",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1103"
},
{
"name": "SUSE-SA:2007:019",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html"
},
{
"name": "ADV-2008-0083",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name": "20070303 rPSA-2007-0040-3 firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461809/100/0/threaded"
},
{
"name": "SUSE-SA:2007:022",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_22_mozilla.html"
},
{
"name": "24293",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24293"
},
{
"name": "24238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24238"
},
{
"name": "24393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24393"
},
{
"name": "24342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24342"
},
{
"name": "24287",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24287"
},
{
"name": "22694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22694"
},
{
"name": "SSRT061181",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742"
},
{
"name": "FEDORA-2007-281",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2713"
},
{
"name": "RHSA-2007:0097",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0097.html"
},
{
"name": "FEDORA-2007-293",
"refsource": "FEDORA",
"url": "http://fedoranews.org/cms/node/2728"
},
{
"name": "20070301-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc"
},
{
"name": "24205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24205"
},
{
"name": "https://issues.rpath.com/browse/RPL-1081",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1081"
},
{
"name": "24333",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24333"
},
{
"name": "MDKSA-2007:050",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:050"
},
{
"name": "24290",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24290"
},
{
"name": "24455",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24455"
},
{
"name": "RHSA-2007:0077",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2007-0077.html"
},
{
"name": "20070202-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc"
},
{
"name": "32109",
"refsource": "OSVDB",
"url": "http://osvdb.org/32109"
},
{
"name": "SSA:2007-066-05",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131"
},
{
"name": "RHSA-2007:0079",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0079.html"
},
{
"name": "http://www.mozilla.org/security/announce/2007/mfsa2007-04.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2007/mfsa2007-04.html"
},
{
"name": "24437",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24437"
}
]
}
}

220
2007/1xxx/CVE-2007-1253.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1253",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://secunia.com/secunia_research/2007-39/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2007-39/advisory/"
},
{
"name" : "http://secunia.com/secunia_research/2007-40/advisory/",
"refsource" : "MISC",
"url" : "http://secunia.com/secunia_research/2007-40/advisory/"
},
{
"name" : "GLSA-200704-19",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200704-19.xml"
},
{
"name" : "22770",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22770"
},
{
"name" : "ADV-2007-0798",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0798"
},
{
"name" : "33836",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33836"
},
{
"name" : "1017714",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017714"
},
{
"name" : "24232",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24232"
},
{
"name" : "24233",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24233"
},
{
"name" : "24991",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24991"
},
{
"name" : "blender-kml-kmz-command-execution(32778)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32778"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eval injection vulnerability in the (a) kmz_ImportWithMesh.py Script for Blender 0.1.9h, as used in (b) Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted (1) KML or (2) KMZ file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24233",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24233"
},
{
"name": "http://secunia.com/secunia_research/2007-39/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-39/advisory/"
},
{
"name": "22770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22770"
},
{
"name": "24991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24991"
},
{
"name": "blender-kml-kmz-command-execution(32778)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32778"
},
{
"name": "ADV-2007-0798",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0798"
},
{
"name": "http://secunia.com/secunia_research/2007-40/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-40/advisory/"
},
{
"name": "24232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24232"
},
{
"name": "GLSA-200704-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200704-19.xml"
},
{
"name": "33836",
"refsource": "OSVDB",
"url": "http://osvdb.org/33836"
},
{
"name": "1017714",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017714"
}
]
}
}

150
2007/1xxx/CVE-2007-1261.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1261",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain privileges via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=50071&release_id=488061",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=50071&release_id=488061"
},
{
"name" : "ADV-2007-0790",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0790"
},
{
"name" : "35998",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35998"
},
{
"name" : "openbiblio-reports-privilege-escalation(32758)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32758"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/project/shownotes.php?group_id=50071&release_id=488061",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=50071&release_id=488061"
},
{
"name": "35998",
"refsource": "OSVDB",
"url": "http://osvdb.org/35998"
},
{
"name": "ADV-2007-0790",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0790"
},
{
"name": "openbiblio-reports-privilege-escalation(32758)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32758"
}
]
}
}

140
2007/1xxx/CVE-2007-1767.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1767",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070329 AOL 9.0 Deskbar.dll/Toolbar.dll DoS Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2007-03/0392.html"
},
{
"name" : "35207",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/35207"
},
{
"name" : "aol-deskbar-toolbar-dos(33309)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33309"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in (1) Deskbar.dll and (2) Toolbar.dll in AOL 9.0 before February 2007 allows remote attackers to cause a denial of service (browser crash) via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "aol-deskbar-toolbar-dos(33309)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33309"
},
{
"name": "35207",
"refsource": "OSVDB",
"url": "http://osvdb.org/35207"
},
{
"name": "20070329 AOL 9.0 Deskbar.dll/Toolbar.dll DoS Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2007-03/0392.html"
}
]
}
}

200
2007/1xxx/CVE-2007-1824.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1824",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.php-security.org/MOPB/MOPB-42-2007.html",
"refsource" : "MISC",
"url" : "http://www.php-security.org/MOPB/MOPB-42-2007.html"
},
{
"name" : "DSA-1283",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1283"
},
{
"name" : "SUSE-SA:2007:032",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name" : "USN-455-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name" : "23237",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23237"
},
{
"name" : "25062",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25062"
},
{
"name" : "25057",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25057"
},
{
"name" : "25056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25056"
},
{
"name" : "php-phpstreamfiltercreate-bo(33729)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33729"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name": "23237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23237"
},
{
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name": "USN-455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-455-1"
},
{
"name": "25057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25057"
},
{
"name": "php-phpstreamfiltercreate-bo(33729)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33729"
},
{
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-42-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-42-2007.html"
}
]
}
}

190
2007/4xxx/CVE-2007-4263.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4263",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4263",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070808 Cisco IOS Secure Copy Authorization Bypass Vulnerability",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtml"
},
{
"name" : "25240",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25240"
},
{
"name" : "oval:org.mitre.oval:def:5542",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5542"
},
{
"name" : "ADV-2007-2817",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2817"
},
{
"name" : "36694",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36694"
},
{
"name" : "1018534",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018534"
},
{
"name" : "26361",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26361"
},
{
"name" : "cisco-ios-scp-file-overwrite(35872)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35872"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-2817",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2817"
},
{
"name": "26361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26361"
},
{
"name": "20070808 Cisco IOS Secure Copy Authorization Bypass Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070808-scp.shtml"
},
{
"name": "1018534",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018534"
},
{
"name": "oval:org.mitre.oval:def:5542",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5542"
},
{
"name": "cisco-ios-scp-file-overwrite(35872)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35872"
},
{
"name": "25240",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25240"
},
{
"name": "36694",
"refsource": "OSVDB",
"url": "http://osvdb.org/36694"
}
]
}
}

160
2007/4xxx/CVE-2007-4451.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4451",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server in Toribash 2.71 and earlier on Windows allows remote attackers to cause a denial of service (continuous beep and server hang) via certain commands that contain many 0x07 or other invalid characters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070818 Multiple vulnerabilities in Toribash 2.71",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/477025/100/0/threaded"
},
{
"name" : "http://aluigi.org/poc/toribashish.zip",
"refsource" : "MISC",
"url" : "http://aluigi.org/poc/toribashish.zip"
},
{
"name" : "25359",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25359"
},
{
"name" : "26507",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26507"
},
{
"name" : "3033",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3033"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The server in Toribash 2.71 and earlier on Windows allows remote attackers to cause a denial of service (continuous beep and server hang) via certain commands that contain many 0x07 or other invalid characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070818 Multiple vulnerabilities in Toribash 2.71",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477025/100/0/threaded"
},
{
"name": "http://aluigi.org/poc/toribashish.zip",
"refsource": "MISC",
"url": "http://aluigi.org/poc/toribashish.zip"
},
{
"name": "25359",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25359"
},
{
"name": "26507",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26507"
},
{
"name": "3033",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3033"
}
]
}
}

190
2007/4xxx/CVE-2007-4681.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4681",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://docs.info.apple.com/article.html?artnum=307041",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"name" : "APPLE-SA-2007-11-14",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
},
{
"name" : "TA07-319A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
},
{
"name" : "26444",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26444"
},
{
"name" : "ADV-2007-3868",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name" : "1018950",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1018950"
},
{
"name" : "27643",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27643"
},
{
"name" : "macosx-corefoundation-directory-bo(38464)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38464"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted directory hierarchy."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018950",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018950"
},
{
"name": "26444",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26444"
},
{
"name": "APPLE-SA-2007-11-14",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307041",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307041"
},
{
"name": "ADV-2007-3868",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name": "27643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27643"
},
{
"name": "macosx-corefoundation-directory-bo(38464)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38464"
},
{
"name": "TA07-319A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
}
]
}
}

34
2007/4xxx/CVE-2007-4866.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4866",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4866",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

150
2014/5xxx/CVE-2014-5189.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5189",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in lib/optin/optin_page.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-5189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://packetstormsecurity.com/files/127640/WordPress-Lead-Octopus-Power-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/127640/WordPress-Lead-Octopus-Power-SQL-Injection.html"
},
{
"name" : "68934",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/68934"
},
{
"name" : "109642",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/show/osvdb/109642"
},
{
"name" : "leadoctopuspower-optinpage-sql-injection(94912)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94912"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in lib/optin/optin_page.php in the Lead Octopus plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "109642",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/109642"
},
{
"name": "http://packetstormsecurity.com/files/127640/WordPress-Lead-Octopus-Power-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127640/WordPress-Lead-Octopus-Power-SQL-Injection.html"
},
{
"name": "68934",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68934"
},
{
"name": "leadoctopuspower-optinpage-sql-injection(94912)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94912"
}
]
}
}

140
2014/5xxx/CVE-2014-5746.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5746",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#159129",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/159129"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Government Best Jobs (aka com.wGovernmentBestJobs) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#159129",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/159129"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2015/2xxx/CVE-2015-2467.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2467",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2467",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "37913",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37913/"
},
{
"name" : "MS15-081",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081"
},
{
"name" : "1033239",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033239"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-081",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081"
},
{
"name": "37913",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37913/"
},
{
"name": "1033239",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033239"
}
]
}
}

180
2015/2xxx/CVE-2015-2803.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2803",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2803",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150615 [RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535765/100/0/threaded"
},
{
"name" : "37301",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/37301/"
},
{
"name" : "20150615 [RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Jun/43"
},
{
"name" : "http://packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.html"
},
{
"name" : "https://www.redteam-pentesting.de/advisories/rt-sa-2015-002",
"refsource" : "MISC",
"url" : "https://www.redteam-pentesting.de/advisories/rt-sa-2015-002"
},
{
"name" : "http://typo3.org/extensions/repository/view/sb_akronymmanager",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/extensions/repository/view/sb_akronymmanager"
},
{
"name" : "75191",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75191"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://typo3.org/extensions/repository/view/sb_akronymmanager",
"refsource": "CONFIRM",
"url": "http://typo3.org/extensions/repository/view/sb_akronymmanager"
},
{
"name": "http://packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132302/TYPO3-Extension-Akronymmanager-0.5.0-SQL-Injection.html"
},
{
"name": "20150615 [RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jun/43"
},
{
"name": "75191",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75191"
},
{
"name": "20150615 [RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535765/100/0/threaded"
},
{
"name": "37301",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37301/"
},
{
"name": "https://www.redteam-pentesting.de/advisories/rt-sa-2015-002",
"refsource": "MISC",
"url": "https://www.redteam-pentesting.de/advisories/rt-sa-2015-002"
}
]
}
}

34
2015/2xxx/CVE-2015-2929.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2929",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2929",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

150
2015/2xxx/CVE-2015-2956.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2956",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-2956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://jvn.jp/en/jp/JVN52478686/995646/index.html",
"refsource" : "CONFIRM",
"url" : "http://jvn.jp/en/jp/JVN52478686/995646/index.html"
},
{
"name" : "JVN#52478686",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN52478686/index.html"
},
{
"name" : "JVNDB-2015-000081",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000081"
},
{
"name" : "75076",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75076"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#52478686",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN52478686/index.html"
},
{
"name": "http://jvn.jp/en/jp/JVN52478686/995646/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN52478686/995646/index.html"
},
{
"name": "JVNDB-2015-000081",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000081"
},
{
"name": "75076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75076"
}
]
}
}

150
2015/3xxx/CVE-2015-3664.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3664",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3665 and CVE-2015-3669."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2015-3664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://support.apple.com/kb/HT204947",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT204947"
},
{
"name" : "APPLE-SA-2015-06-30-5",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html"
},
{
"name" : "75499",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75499"
},
{
"name" : "1032756",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032756"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "QT Media Foundation in Apple QuickTime before 7.7.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3665 and CVE-2015-3669."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.apple.com/kb/HT204947",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT204947"
},
{
"name": "75499",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75499"
},
{
"name": "1032756",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032756"
},
{
"name": "APPLE-SA-2015-06-30-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html"
}
]
}
}

34
2015/6xxx/CVE-2015-6110.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6110",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-6110",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

34
2015/6xxx/CVE-2015-6532.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6532",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6532",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2015/6xxx/CVE-2015-6684.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6684",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-6684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20151101 Adobe Reader \"Field readValues\" Use-after-Free Vulnerability",
"refsource" : "IDEFENSE",
"url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1205"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name" : "1033796",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033796"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5586, CVE-2015-6683, CVE-2015-6687, CVE-2015-6688, CVE-2015-6689, CVE-2015-6690, CVE-2015-6691, CVE-2015-7615, CVE-2015-7617, and CVE-2015-7621."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151101 Adobe Reader \"Field readValues\" Use-after-Free Vulnerability",
"refsource": "IDEFENSE",
"url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1205"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name": "1033796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033796"
}
]
}
}

190
2015/6xxx/CVE-2015-6760.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6760",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or write) or possibly have unspecified other impact via vectors involving a removed device."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-6760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html"
},
{
"name" : "https://chromium.googlesource.com/angle/angle.git/+/39939686b3731eaaf6c0b639ab64db0277c72475",
"refsource" : "CONFIRM",
"url" : "https://chromium.googlesource.com/angle/angle.git/+/39939686b3731eaaf6c0b639ab64db0277c72475"
},
{
"name" : "https://code.google.com/p/chromium/issues/detail?id=519642",
"refsource" : "CONFIRM",
"url" : "https://code.google.com/p/chromium/issues/detail?id=519642"
},
{
"name" : "DSA-3376",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3376"
},
{
"name" : "GLSA-201603-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-09"
},
{
"name" : "RHSA-2015:1912",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1912.html"
},
{
"name" : "77071",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77071"
},
{
"name" : "1033816",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033816"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service (invalid read or write) or possibly have unspecified other impact via vectors involving a removed device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://chromium.googlesource.com/angle/angle.git/+/39939686b3731eaaf6c0b639ab64db0277c72475",
"refsource": "CONFIRM",
"url": "https://chromium.googlesource.com/angle/angle.git/+/39939686b3731eaaf6c0b639ab64db0277c72475"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=519642",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=519642"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html"
},
{
"name": "77071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77071"
},
{
"name": "DSA-3376",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3376"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "1033816",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033816"
},
{
"name": "RHSA-2015:1912",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1912.html"
}
]
}
}

120
2015/7xxx/CVE-2015-7391.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7391",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the (1) selected_end_date or (2) selected_start_date parameter to lib/results/tcCreatedPerUserOnTestProject.php; the (3) containerType parameter to lib/testcases/containerEdit.php; the (4) filter_tc_id or (5) filter_testcase_name parameter to lib/testcases/listTestCases.php; the (6) useRecursion parameter to lib/testcases/tcImport.php; the (7) targetTestCase or (8) created_by parameter to lib/testcases/tcSearch.php; or the (9) HTTP Referer header to third_party/user_contribution/fakeRemoteExecServer/client4fakeXMLRPCTestRunner.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20151007 TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/536622/100/0/threaded"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the (1) selected_end_date or (2) selected_start_date parameter to lib/results/tcCreatedPerUserOnTestProject.php; the (3) containerType parameter to lib/testcases/containerEdit.php; the (4) filter_tc_id or (5) filter_testcase_name parameter to lib/testcases/listTestCases.php; the (6) useRecursion parameter to lib/testcases/tcImport.php; the (7) targetTestCase or (8) created_by parameter to lib/testcases/tcSearch.php; or the (9) HTTP Referer header to third_party/user_contribution/fakeRemoteExecServer/client4fakeXMLRPCTestRunner.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20151007 TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536622/100/0/threaded"
}
]
}
}

240
2015/7xxx/CVE-2015-7805.json
View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7805",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "38447",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/38447/"
},
{
"name" : "[oss-security] 20151103 CVE request: libsndfile 1.0.25 heap overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/11/03/3"
},
{
"name" : "[oss-security] 20151103 Re: CVE request: libsndfile 1.0.25 heap overflow",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/11/03/7"
},
{
"name" : "http://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html"
},
{
"name" : "http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/",
"refsource" : "MISC",
"url" : "http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/"
},
{
"name" : "FEDORA-2015-5afed1aad2",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171466.html"
},
{
"name" : "FEDORA-2015-0f405832d3",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172607.html"
},
{
"name" : "FEDORA-2015-56be43eae6",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172593.html"
},
{
"name" : "GLSA-201612-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201612-03"
},
{
"name" : "openSUSE-SU-2015:1995",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00077.html"
},
{
"name" : "openSUSE-SU-2015:2119",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00145.html"
},
{
"name" : "USN-2832-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2832-1"
},
{
"name" : "77427",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77427"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20151103 Re: CVE request: libsndfile 1.0.25 heap overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/11/03/7"
},
{
"name": "openSUSE-SU-2015:1995",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00077.html"
},
{
"name": "77427",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77427"
},
{
"name": "http://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133926/libsndfile-1.0.25-Heap-Overflow.html"
},
{
"name": "USN-2832-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2832-1"
},
{
"name": "GLSA-201612-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-03"
},
{
"name": "FEDORA-2015-0f405832d3",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172607.html"
},
{
"name": "openSUSE-SU-2015:2119",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00145.html"
},
{
"name": "[oss-security] 20151103 CVE request: libsndfile 1.0.25 heap overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/11/03/3"
},
{
"name": "http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/",
"refsource": "MISC",
"url": "http://www.nemux.org/2015/10/13/libsndfile-1-0-25-heap-overflow/"
},
{
"name": "FEDORA-2015-56be43eae6",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172593.html"
},
{
"name": "FEDORA-2015-5afed1aad2",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171466.html"
},
{
"name": "38447",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38447/"
}
]
}
}

120
2015/7xxx/CVE-2015-7907.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7907",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7907",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-02"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-309-02"
}
]
}
}

130
2016/0xxx/CVE-2016-0116.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0116",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Edge Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0123, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0116",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS16-024",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024"
},
{
"name" : "1035204",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035204"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Edge Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0123, CVE-2016-0124, CVE-2016-0129, and CVE-2016-0130."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035204",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035204"
},
{
"name": "MS16-024",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024"
}
]
}
}

120
2016/0xxx/CVE-2016-0292.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0292",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985907",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985907"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebReports in IBM BigFix Platform (formerly Tivoli Endpoint Manager) 9.x before 9.5.2 allows local users to discover the cleartext system password by reading a report."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985907",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985907"
}
]
}
}

166
2016/0xxx/CVE-2016-0310.json
View File

@ -1,85 +1,85 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0310",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Connections",
"version" : {
"version_data" : [
{
"version_value" : "4.5"
},
{
"version_value" : "3.0"
},
{
"version_value" : "3.0.1"
},
{
"version_value" : "3.0.1.1"
},
{
"version_value" : "4.0"
},
{
"version_value" : "5.0"
},
{
"version_value" : "5.5"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Connections",
"version": {
"version_data": [
{
"version_value": "4.5"
},
{
"version_value": "3.0"
},
{
"version_value": "3.0.1"
},
{
"version_value": "3.0.1.1"
},
{
"version_value": "4.0"
},
{
"version_value": "5.0"
},
{
"version_value": "5.5"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21988338",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21988338"
},
{
"name" : "92437",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92437"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Connections 5.5 and earlier is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21988338",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21988338"
},
{
"name": "92437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92437"
}
]
}
}

140
2016/0xxx/CVE-2016-0311.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-0311",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111480."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21986853",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21986853"
},
{
"name" : "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-tivoli-business-service-manager-cve-2016-0311/",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-tivoli-business-service-manager-cve-2016-0311/"
},
{
"name" : "ibm-tivoli-cve20160311-xss(111480)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/111480"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111480."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21986853",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986853"
},
{
"name": "ibm-tivoli-cve20160311-xss(111480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111480"
},
{
"name": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-tivoli-business-service-manager-cve-2016-0311/",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/blogs/psirt/ibm-security-bulletin-cross-site-scripting-vulnerability-in-tivoli-business-service-manager-cve-2016-0311/"
}
]
}
}

150
2016/0xxx/CVE-2016-0450.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0450",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-021",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-021"
},
{
"name" : "https://redr2e.com/cve-to-poc-cve-2016-0450/",
"refsource" : "MISC",
"url" : "https://redr2e.com/cve-to-poc-cve-2016-0450/"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "81117",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/81117"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle GoldenGate component in Oracle GoldenGate 11.2 and 12.1.2 allows remote attackers to affect availability via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "81117",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81117"
},
{
"name": "https://redr2e.com/cve-to-poc-cve-2016-0450/",
"refsource": "MISC",
"url": "https://redr2e.com/cve-to-poc-cve-2016-0450/"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-021",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-021"
}
]
}
}

120
2016/0xxx/CVE-2016-0875.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0875",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-0875",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to read configuration and log files via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-042-01"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000108.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000108",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000108",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

122
2016/10xxx/CVE-2016-10584.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00",
"ID" : "CVE-2016-10584",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "dalek-browser-chrome-canary node module",
"version" : {
"version_data" : [
{
"version_value" : "All versions"
}
]
}
}
]
},
"vendor_name" : "HackerOne"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "dalek-browser-chrome-canary provides Google Chrome bindings for DalekJS. dalek-browser-chrome-canary downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2016-10584",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "dalek-browser-chrome-canary node module",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://nodesecurity.io/advisories/181",
"refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/181"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "dalek-browser-chrome-canary provides Google Chrome bindings for DalekJS. dalek-browser-chrome-canary downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/181",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/181"
}
]
}
}

130
2016/1xxx/CVE-2016-1081.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1081",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"name" : "1035828",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035828"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}

190
2016/1xxx/CVE-2016-1494.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1494",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160104 Re: CVE Request: python-rsa signature forgery",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/05/3"
},
{
"name" : "[oss-security] 20160105 CVE Request: python-rsa signature forgery",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/01/05/1"
},
{
"name" : "https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/",
"refsource" : "MISC",
"url" : "https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/"
},
{
"name" : "https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff",
"refsource" : "CONFIRM",
"url" : "https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff"
},
{
"name" : "FEDORA-2016-70edfbbcef",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175897.html"
},
{
"name" : "FEDORA-2016-c845706426",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175942.html"
},
{
"name" : "openSUSE-SU-2016:0108",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00032.html"
},
{
"name" : "79829",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79829"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160104 Re: CVE Request: python-rsa signature forgery",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/05/3"
},
{
"name": "79829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79829"
},
{
"name": "https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/",
"refsource": "MISC",
"url": "https://blog.filippo.io/bleichenbacher-06-signature-forgery-in-python-rsa/"
},
{
"name": "[oss-security] 20160105 CVE Request: python-rsa signature forgery",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/01/05/1"
},
{
"name": "FEDORA-2016-70edfbbcef",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175897.html"
},
{
"name": "openSUSE-SU-2016:0108",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00032.html"
},
{
"name": "https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff",
"refsource": "CONFIRM",
"url": "https://bitbucket.org/sybren/python-rsa/pull-requests/14/security-fix-bb06-attack-in-verify-by/diff"
},
{
"name": "FEDORA-2016-c845706426",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175942.html"
}
]
}
}

180
2016/1xxx/CVE-2016-1972.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1972",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-1972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-32.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-32.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1218124",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1218124"
},
{
"name" : "GLSA-201605-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201605-06"
},
{
"name" : "openSUSE-SU-2016:0731",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"
},
{
"name" : "openSUSE-SU-2016:0733",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"
},
{
"name" : "84220",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84220"
},
{
"name" : "1035215",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035215"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1218124",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1218124"
},
{
"name": "84220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84220"
},
{
"name": "openSUSE-SU-2016:0731",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"
},
{
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-32.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-32.html"
},
{
"name": "openSUSE-SU-2016:0733",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"
},
{
"name": "1035215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035215"
},
{
"name": "GLSA-201605-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-06"
}
]
}
}

130
2016/4xxx/CVE-2016-4030.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4030",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004",
"refsource" : "MISC",
"url" : "https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004"
},
{
"name" : "97701",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97701"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004",
"refsource": "MISC",
"url": "https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004"
},
{
"name": "97701",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97701"
}
]
}
}

150
2016/4xxx/CVE-2016-4121.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4121",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html"
},
{
"name" : "GLSA-201606-08",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201606-08"
},
{
"name" : "RHSA-2016:1079",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html"
},
{
"name" : "90797",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90797"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201606-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-08"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html"
},
{
"name": "90797",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90797"
},
{
"name": "RHSA-2016:1079",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html"
}
]
}
}

230
2016/4xxx/CVE-2016-4428.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4428",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-4428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160617 [OSSA-2016-010] XSS in Horizon client side template (CVE-2016-4428)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/17/4"
},
{
"name" : "https://bugs.launchpad.net/horizon/+bug/1567673",
"refsource" : "CONFIRM",
"url" : "https://bugs.launchpad.net/horizon/+bug/1567673"
},
{
"name" : "https://review.openstack.org/329996",
"refsource" : "CONFIRM",
"url" : "https://review.openstack.org/329996"
},
{
"name" : "https://review.openstack.org/329997",
"refsource" : "CONFIRM",
"url" : "https://review.openstack.org/329997"
},
{
"name" : "https://review.openstack.org/329998",
"refsource" : "CONFIRM",
"url" : "https://review.openstack.org/329998"
},
{
"name" : "https://security.openstack.org/ossa/OSSA-2016-010.html",
"refsource" : "CONFIRM",
"url" : "https://security.openstack.org/ossa/OSSA-2016-010.html"
},
{
"name" : "DSA-3617",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3617"
},
{
"name" : "RHSA-2016:1268",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1268"
},
{
"name" : "RHSA-2016:1269",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1269"
},
{
"name" : "RHSA-2016:1270",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1270"
},
{
"name" : "RHSA-2016:1271",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1271"
},
{
"name" : "RHSA-2016:1272",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1272"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:1268",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1268"
},
{
"name": "RHSA-2016:1270",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1270"
},
{
"name": "DSA-3617",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3617"
},
{
"name": "RHSA-2016:1272",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1272"
},
{
"name": "https://security.openstack.org/ossa/OSSA-2016-010.html",
"refsource": "CONFIRM",
"url": "https://security.openstack.org/ossa/OSSA-2016-010.html"
},
{
"name": "https://review.openstack.org/329997",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/329997"
},
{
"name": "https://bugs.launchpad.net/horizon/+bug/1567673",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/horizon/+bug/1567673"
},
{
"name": "RHSA-2016:1269",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1269"
},
{
"name": "[oss-security] 20160617 [OSSA-2016-010] XSS in Horizon client side template (CVE-2016-4428)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/17/4"
},
{
"name": "RHSA-2016:1271",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1271"
},
{
"name": "https://review.openstack.org/329998",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/329998"
},
{
"name": "https://review.openstack.org/329996",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/329996"
}
]
}
}

34
2019/3xxx/CVE-2019-3052.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3052",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3052",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3326.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3326",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3326",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3366.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3366",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3366",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3718.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3718",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3718",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/3xxx/CVE-2019-3991.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3991",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3991",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

188
2019/4xxx/CVE-2019-4029.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2019-02-28T00:00:00",
"ID" : "CVE-2019-4029",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Sterling B2B Integrator",
"version" : {
"version_data" : [
{
"version_value" : "5.2.0.1"
},
{
"version_value" : "6.0.0.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 155907."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "L",
"PR" : "L",
"S" : "C",
"SCORE" : "5.400",
"UI" : "R"
},
"TM" : {
"E" : "H",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-02-28T00:00:00",
"ID": "CVE-2019-4029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sterling B2B Integrator",
"version": {
"version_data": [
{
"version_value": "5.2.0.1"
},
{
"version_value": "6.0.0.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/docview.wss?uid=ibm10874246"
},
{
"name" : "107223",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/107223"
},
{
"name" : "ibm-sterling-cve20194029-xss(155907)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/155907"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 155907."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "L",
"PR": "L",
"S": "C",
"SCORE": "5.400",
"UI": "R"
},
"TM": {
"E": "H",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "107223",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107223"
},
{
"name": "ibm-sterling-cve20194029-xss(155907)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/155907"
},
{
"name": "https://www.ibm.com/support/docview.wss?uid=ibm10874246",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10874246"
}
]
}
}

34
2019/4xxx/CVE-2019-4200.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4200",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4200",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4416.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4416",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4416",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4961.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4961",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4961",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

53
2019/6xxx/CVE-2019-6501.json
View File

@ -2,30 +2,7 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
@ -34,33 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "MLIST [oss-security] 20190124 CVE-2019-6501 QEMU: scsi-generic: possible OOB access while handling inquiry request",
"url": "http://www.openwall.com/lists/oss-security/2019/01/24/1"
},
{
"refsource": "MLIST",
"name": "[Qemu-devel][PATCH] 20190111 scsi-generic: avoid possible out-of-bounds access to r->buf",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg02324.html"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

34
2019/6xxx/CVE-2019-6846.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6846",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6846",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7014.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7014",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7014",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7284.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7284",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7284",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/7xxx/CVE-2019-7944.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7944",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7944",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8607.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8607",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8607",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8660.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8660",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8660",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8678.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8678",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8678",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/8xxx/CVE-2019-8776.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8776",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8776",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9160.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9160",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9160",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9174.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9174",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9174",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9193.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9193",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9193",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}