admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:08:01 +00:00
parent df82f911d5
commit 67d4c08886
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
65 changed files with 3928 additions and 3928 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
1999/0xxx/CVE-1999-0451.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0451",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "343",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/343"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/343"
}
]
}
}

140
1999/0xxx/CVE-1999-0721.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0721",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0721",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "Q231457",
"refsource" : "MSKB",
"url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231457"
},
{
"name" : "MS99-020",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-020"
},
{
"name" : "J-049",
"refsource" : "CIAC",
"url" : "http://www.ciac.org/ciac/bulletins/j-049.shtml"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "J-049",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/j-049.shtml"
},
{
"name": "MS99-020",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-020"
},
{
"name": "Q231457",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q231457"
}
]
}
}

170
2007/0xxx/CVE-2007-0163.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0163",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SecureKit Steganography 1.7.1 and 1.8 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing the last 20 bytes of the JPEG image with alternate password information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070106 Cracking Steganography Application in less than ONE minute",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/456283/100/0/threaded"
},
{
"name" : "20070107 A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/456519/100/0/threaded"
},
{
"name" : "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html",
"refsource" : "MISC",
"url" : "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html"
},
{
"name" : "31244",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/31244"
},
{
"name" : "23639",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23639"
},
{
"name" : "steganography-password-security-bypass(31378)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31378"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SecureKit Steganography 1.7.1 and 1.8 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing the last 20 bytes of the JPEG image with alternate password information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070106 Cracking Steganography Application in less than ONE minute",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456283/100/0/threaded"
},
{
"name": "20070107 A Major design Bug in Steganography 1.7.x, 1.8 (latest) (Updated Version)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/456519/100/0/threaded"
},
{
"name": "31244",
"refsource": "OSVDB",
"url": "http://osvdb.org/31244"
},
{
"name": "steganography-password-security-bypass(31378)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31378"
},
{
"name": "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html",
"refsource": "MISC",
"url": "http://homepage.mac.com/adonismac/Advisory/steg/steganography.html"
},
{
"name": "23639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23639"
}
]
}
}

150
2007/0xxx/CVE-2007-0308.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0308",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ",
"refsource" : "CONFIRM",
"url" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ"
},
{
"name" : "22051",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22051"
},
{
"name" : "32813",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32813"
},
{
"name" : "23718",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23718"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.4 (beta) allows remote attackers to inject arbitrary web script or HTML via Wiki Page titles."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22051"
},
{
"name": "23718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23718"
},
{
"name": "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ",
"refsource": "CONFIRM",
"url": "http://www.plainblack.com/getwebgui/advisories/webgui-7_3_4-beta-released#BUeIjcWiQasypsJxD-YwgQ"
},
{
"name": "32813",
"refsource": "OSVDB",
"url": "http://osvdb.org/32813"
}
]
}
}

190
2007/0xxx/CVE-2007-0683.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0683",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0683",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/458825/100/0/threaded"
},
{
"name" : "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=bugtraq&m=117036933022782&w=2"
},
{
"name" : "3242",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3242"
},
{
"name" : "http://www.xoron.info/bugs/omegaboard-html.txt",
"refsource" : "MISC",
"url" : "http://www.xoron.info/bugs/omegaboard-html.txt"
},
{
"name" : "http://www.xoron.info/bugs/omegaboard-perl.txt",
"refsource" : "MISC",
"url" : "http://www.xoron.info/bugs/omegaboard-perl.txt"
},
{
"name" : "22355",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22355"
},
{
"name" : "ADV-2007-0445",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0445"
},
{
"name" : "omegaboard-functions-file-include(32057)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32057"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in includes/functions.php in Omegaboard 1.0beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22355",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22355"
},
{
"name": "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=bugtraq&m=117036933022782&w=2"
},
{
"name": "ADV-2007-0445",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0445"
},
{
"name": "http://www.xoron.info/bugs/omegaboard-perl.txt",
"refsource": "MISC",
"url": "http://www.xoron.info/bugs/omegaboard-perl.txt"
},
{
"name": "http://www.xoron.info/bugs/omegaboard-html.txt",
"refsource": "MISC",
"url": "http://www.xoron.info/bugs/omegaboard-html.txt"
},
{
"name": "3242",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3242"
},
{
"name": "omegaboard-functions-file-include(32057)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32057"
},
{
"name": "20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458825/100/0/threaded"
}
]
}
}

150
2007/1xxx/CVE-2007-1129.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1129",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070223 MTCMS multiple upload vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461330/100/100/threaded"
},
{
"name" : "22690",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22690"
},
{
"name" : "ADV-2007-0755",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0755"
},
{
"name" : "33778",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33778"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070223 MTCMS multiple upload vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461330/100/100/threaded"
},
{
"name": "22690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22690"
},
{
"name": "ADV-2007-0755",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0755"
},
{
"name": "33778",
"refsource": "OSVDB",
"url": "http://osvdb.org/33778"
}
]
}
}

160
2007/1xxx/CVE-2007-1151.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1151",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter to the top-level URI, possibly related to a SQL error."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1151",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070222 LoveCMS 1.4 multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460917/100/0/threaded"
},
{
"name" : "22675",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22675"
},
{
"name" : "ADV-2007-0716",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0716"
},
{
"name" : "33520",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33520"
},
{
"name" : "2338",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2338"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in LoveCMS 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter to the top-level URI, possibly related to a SQL error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2338",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2338"
},
{
"name": "22675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22675"
},
{
"name": "33520",
"refsource": "OSVDB",
"url": "http://osvdb.org/33520"
},
{
"name": "ADV-2007-0716",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0716"
},
{
"name": "20070222 LoveCMS 1.4 multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460917/100/0/threaded"
}
]
}
}

130
2007/1xxx/CVE-2007-1190.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1190",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "22755",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22755"
},
{
"name" : "36205",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/36205"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the EmbeddedWB Web Browser ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36205",
"refsource": "OSVDB",
"url": "http://osvdb.org/36205"
},
{
"name": "22755",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22755"
}
]
}
}

140
2007/1xxx/CVE-2007-1953.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1953",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070406 [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/464887/100/0/threaded"
},
{
"name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41",
"refsource" : "MISC",
"url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41"
},
{
"name" : "courtsonline-phpsessid-security-bypass(33502)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33502"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web sessions by setting a PHPSESSID cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "courtsonline-phpsessid-security-bypass(33502)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33502"
},
{
"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41",
"refsource": "MISC",
"url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls41"
},
{
"name": "20070406 [MajorSecurity Advisory #41]onelook courts online - Session fixation Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464887/100/0/threaded"
}
]
}
}

180
2007/5xxx/CVE-2007-5023.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5023",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
},
{
"name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name" : "25732",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25732"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local users to gain privileges via unspecified vectors, possibly involving a malicious \"program.exe\" file in the C: folder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/support/server/doc/releasenotes_server.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/server/doc/releasenotes_server.html"
},
{
"name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html"
},
{
"name": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ace/doc/releasenotes_ace.html"
},
{
"name": "http://www.vmware.com/support/player/doc/releasenotes_player.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/player/doc/releasenotes_player.html"
},
{
"name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html"
},
{
"name": "25732",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25732"
},
{
"name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html"
}
]
}
}

140
2007/5xxx/CVE-2007-5103.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5103",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "4446",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4446"
},
{
"name" : "38576",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38576"
},
{
"name" : "26924",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26924"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in config.inc.php in Wordsmith 1.0 RC1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26924",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26924"
},
{
"name": "38576",
"refsource": "OSVDB",
"url": "http://osvdb.org/38576"
},
{
"name": "4446",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4446"
}
]
}
}

190
2007/5xxx/CVE-2007-5298.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5298",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion allow remote attackers to execute arbitrary PHP code via a URL in the cfg[document_uri] parameter to (1) _administration/securite.php and (2) _administration/gestion_configurations/save_config.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071006 CMS Creamotion - Remote File inclusion",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/481669/100/0/threaded"
},
{
"name" : "4491",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4491"
},
{
"name" : "25947",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25947"
},
{
"name" : "ADV-2007-3430",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3430"
},
{
"name" : "38637",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38637"
},
{
"name" : "38638",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38638"
},
{
"name" : "3203",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3203"
},
{
"name" : "cmscreamotion-cfgdocumenturi-file-include(36989)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36989"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in CMS Creamotion allow remote attackers to execute arbitrary PHP code via a URL in the cfg[document_uri] parameter to (1) _administration/securite.php and (2) _administration/gestion_configurations/save_config.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25947",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25947"
},
{
"name": "cmscreamotion-cfgdocumenturi-file-include(36989)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36989"
},
{
"name": "38637",
"refsource": "OSVDB",
"url": "http://osvdb.org/38637"
},
{
"name": "38638",
"refsource": "OSVDB",
"url": "http://osvdb.org/38638"
},
{
"name": "20071006 CMS Creamotion - Remote File inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481669/100/0/threaded"
},
{
"name": "4491",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4491"
},
{
"name": "ADV-2007-3430",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3430"
},
{
"name": "3203",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3203"
}
]
}
}

190
2007/5xxx/CVE-2007-5710.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5710",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5710",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071027 [waraxe-2007-SA#059] - XSS in WordPress 2.3",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482905/100/0/threaded"
},
{
"name" : "http://www.waraxe.us/advisory-59.html",
"refsource" : "MISC",
"url" : "http://www.waraxe.us/advisory-59.html"
},
{
"name" : "http://wordpress.org/development/2007/10/wordpress-231/",
"refsource" : "CONFIRM",
"url" : "http://wordpress.org/development/2007/10/wordpress-231/"
},
{
"name" : "26228",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26228"
},
{
"name" : "ADV-2007-3640",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3640"
},
{
"name" : "38279",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38279"
},
{
"name" : "27407",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27407"
},
{
"name" : "wordpress-editpostrows-xss(38166)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38166"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows remote attackers to inject arbitrary web script or HTML via the posts_columns array parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26228",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26228"
},
{
"name": "38279",
"refsource": "OSVDB",
"url": "http://osvdb.org/38279"
},
{
"name": "ADV-2007-3640",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3640"
},
{
"name": "27407",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27407"
},
{
"name": "wordpress-editpostrows-xss(38166)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38166"
},
{
"name": "http://www.waraxe.us/advisory-59.html",
"refsource": "MISC",
"url": "http://www.waraxe.us/advisory-59.html"
},
{
"name": "http://wordpress.org/development/2007/10/wordpress-231/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/development/2007/10/wordpress-231/"
},
{
"name": "20071027 [waraxe-2007-SA#059] - XSS in WordPress 2.3",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482905/100/0/threaded"
}
]
}
}

380
2007/5xxx/CVE-2007-5770.json
View File

@ -1,192 +1,192 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5770",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5770",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=362081",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=362081"
},
{
"name" : "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656",
"refsource" : "CONFIRM",
"url" : "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=307179",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=307179"
},
{
"name" : "APPLE-SA-2007-12-17",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
},
{
"name" : "DSA-1410",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1410"
},
{
"name" : "DSA-1411",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1411"
},
{
"name" : "DSA-1412",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1412"
},
{
"name" : "MDVSA-2008:029",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:029"
},
{
"name" : "RHSA-2007:0961",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0961.html"
},
{
"name" : "RHSA-2007:0965",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0965.html"
},
{
"name" : "SUSE-SR:2007:024",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name" : "USN-596-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-596-1"
},
{
"name" : "TA07-352A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
},
{
"name" : "26421",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26421"
},
{
"name" : "oval:org.mitre.oval:def:11025",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11025"
},
{
"name" : "ADV-2007-4238",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/4238"
},
{
"name" : "1018938",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018938"
},
{
"name" : "26985",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26985"
},
{
"name" : "27576",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27576"
},
{
"name" : "27673",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27673"
},
{
"name" : "27764",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27764"
},
{
"name" : "27769",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27769"
},
{
"name" : "27818",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27818"
},
{
"name" : "28136",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28136"
},
{
"name" : "27756",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27756"
},
{
"name" : "28645",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28645"
},
{
"name" : "29556",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/29556"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site, different components than CVE-2007-5162."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27576"
},
{
"name": "ADV-2007-4238",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4238"
},
{
"name": "26985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26985"
},
{
"name": "TA07-352A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
},
{
"name": "28136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28136"
},
{
"name": "USN-596-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-596-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=362081",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=362081"
},
{
"name": "RHSA-2007:0961",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0961.html"
},
{
"name": "RHSA-2007:0965",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0965.html"
},
{
"name": "27756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27756"
},
{
"name": "DSA-1412",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1412"
},
{
"name": "27673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27673"
},
{
"name": "APPLE-SA-2007-12-17",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
},
{
"name": "DSA-1410",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1410"
},
{
"name": "27769",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27769"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307179",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307179"
},
{
"name": "SUSE-SR:2007:024",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_24_sr.html"
},
{
"name": "MDVSA-2008:029",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:029"
},
{
"name": "29556",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29556"
},
{
"name": "1018938",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018938"
},
{
"name": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656",
"refsource": "CONFIRM",
"url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=13656"
},
{
"name": "27818",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27818"
},
{
"name": "oval:org.mitre.oval:def:11025",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11025"
},
{
"name": "28645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28645"
},
{
"name": "DSA-1411",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1411"
},
{
"name": "26421",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26421"
},
{
"name": "27764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27764"
}
]
}
}

34
2007/5xxx/CVE-2007-5885.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5885",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5885",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

420
2007/5xxx/CVE-2007-5899.json
View File

@ -1,212 +1,212 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5899",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5899",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://bugs.php.net/bug.php?id=42869",
"refsource" : "CONFIRM",
"url" : "http://bugs.php.net/bug.php?id=42869"
},
{
"name" : "http://www.php.net/ChangeLog-5.php#5.2.5",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/ChangeLog-5.php#5.2.5"
},
{
"name" : "http://www.php.net/releases/5_2_5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/releases/5_2_5.php"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1943",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1943"
},
{
"name" : "https://launchpad.net/bugs/173043",
"refsource" : "CONFIRM",
"url" : "https://launchpad.net/bugs/173043"
},
{
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242",
"refsource" : "CONFIRM",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"name" : "DSA-1444",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1444"
},
{
"name" : "FEDORA-2008-3864",
"refsource" : "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html"
},
{
"name" : "HPSBUX02332",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"name" : "SSRT080056",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"name" : "MDVSA-2008:125",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125"
},
{
"name" : "MDVSA-2008:126",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126"
},
{
"name" : "MDVSA-2008:127",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127"
},
{
"name" : "RHSA-2008:0505",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0505.html"
},
{
"name" : "RHSA-2008:0544",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0544.html"
},
{
"name" : "RHSA-2008:0545",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0545.html"
},
{
"name" : "RHSA-2008:0546",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
},
{
"name" : "RHSA-2008:0582",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0582.html"
},
{
"name" : "USN-549-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/549-1/"
},
{
"name" : "USN-549-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-549-2"
},
{
"name" : "USN-628-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-628-1"
},
{
"name" : "38918",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38918"
},
{
"name" : "oval:org.mitre.oval:def:11211",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11211"
},
{
"name" : "27659",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27659"
},
{
"name" : "27864",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27864"
},
{
"name" : "28249",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/28249"
},
{
"name" : "30040",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30040"
},
{
"name" : "30828",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/30828"
},
{
"name" : "31119",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31119"
},
{
"name" : "31124",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31124"
},
{
"name" : "31200",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/31200"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a local session ID."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38918",
"refsource": "OSVDB",
"url": "http://osvdb.org/38918"
},
{
"name": "http://www.php.net/ChangeLog-5.php#5.2.5",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php#5.2.5"
},
{
"name": "https://launchpad.net/bugs/173043",
"refsource": "CONFIRM",
"url": "https://launchpad.net/bugs/173043"
},
{
"name": "RHSA-2008:0546",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0546.html"
},
{
"name": "FEDORA-2008-3864",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00773.html"
},
{
"name": "http://bugs.php.net/bug.php?id=42869",
"refsource": "CONFIRM",
"url": "http://bugs.php.net/bug.php?id=42869"
},
{
"name": "https://issues.rpath.com/browse/RPL-1943",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1943"
},
{
"name": "30828",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30828"
},
{
"name": "DSA-1444",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1444"
},
{
"name": "RHSA-2008:0582",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0582.html"
},
{
"name": "USN-628-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-628-1"
},
{
"name": "RHSA-2008:0545",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0545.html"
},
{
"name": "27864",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27864"
},
{
"name": "31124",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31124"
},
{
"name": "31119",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31119"
},
{
"name": "30040",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30040"
},
{
"name": "http://www.php.net/releases/5_2_5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_5.php"
},
{
"name": "27659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27659"
},
{
"name": "31200",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31200"
},
{
"name": "USN-549-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/549-1/"
},
{
"name": "SSRT080056",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"name": "RHSA-2008:0544",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0544.html"
},
{
"name": "28249",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28249"
},
{
"name": "MDVSA-2008:125",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:125"
},
{
"name": "HPSBUX02332",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491693/100/0/threaded"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0242"
},
{
"name": "RHSA-2008:0505",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0505.html"
},
{
"name": "USN-549-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-549-2"
},
{
"name": "MDVSA-2008:126",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:126"
},
{
"name": "MDVSA-2008:127",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:127"
},
{
"name": "oval:org.mitre.oval:def:11211",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11211"
}
]
}
}

190
2015/3xxx/CVE-2015-3104.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3104",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-3104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html"
},
{
"name" : "GLSA-201506-01",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201506-01"
},
{
"name" : "RHSA-2015:1086",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1086.html"
},
{
"name" : "SUSE-SU-2015:1043",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html"
},
{
"name" : "openSUSE-SU-2015:1047",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html"
},
{
"name" : "openSUSE-SU-2015:1061",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html"
},
{
"name" : "75081",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75081"
},
{
"name" : "1032519",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032519"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-11.html"
},
{
"name": "75081",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75081"
},
{
"name": "1032519",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032519"
},
{
"name": "openSUSE-SU-2015:1047",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html"
},
{
"name": "GLSA-201506-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-01"
},
{
"name": "SUSE-SU-2015:1043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html"
},
{
"name": "openSUSE-SU-2015:1061",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html"
},
{
"name": "RHSA-2015:1086",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1086.html"
}
]
}
}

570
2015/3xxx/CVE-2015-3195.json
View File

@ -1,287 +1,287 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3195",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://openssl.org/news/secadv/20151203.txt",
"refsource" : "CONFIRM",
"url" : "http://openssl.org/news/secadv/20151203.txt"
},
{
"name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d",
"refsource" : "CONFIRM",
"url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "https://support.apple.com/HT206167",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206167"
},
{
"name" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100",
"refsource" : "CONFIRM",
"url" : "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name" : "http://fortiguard.com/advisory/openssl-advisory-december-2015",
"refsource" : "CONFIRM",
"url" : "http://fortiguard.com/advisory/openssl-advisory-december-2015"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733"
},
{
"name" : "http://www.fortiguard.com/advisory/openssl-advisory-december-2015",
"refsource" : "CONFIRM",
"url" : "http://www.fortiguard.com/advisory/openssl-advisory-december-2015"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name" : "APPLE-SA-2016-03-21-5",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name" : "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl"
},
{
"name" : "DSA-3413",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3413"
},
{
"name" : "FEDORA-2015-d87d60b9a9",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html"
},
{
"name" : "HPSBGN03536",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=145382583417444&w=2"
},
{
"name" : "RHSA-2015:2616",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2616.html"
},
{
"name" : "RHSA-2015:2617",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2617.html"
},
{
"name" : "RHSA-2016:2056",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name" : "RHSA-2016:2957",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name" : "SSA:2015-349-04",
"refsource" : "SLACKWARE",
"url" : "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583"
},
{
"name" : "openSUSE-SU-2016:0637",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html"
},
{
"name" : "openSUSE-SU-2016:0640",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"name" : "SUSE-SU-2016:0678",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html"
},
{
"name" : "openSUSE-SU-2015:2288",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html"
},
{
"name" : "openSUSE-SU-2015:2289",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html"
},
{
"name" : "openSUSE-SU-2015:2318",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html"
},
{
"name" : "openSUSE-SU-2015:2349",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html"
},
{
"name" : "USN-2830-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2830-1"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "78626",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78626"
},
{
"name" : "1034294",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034294"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "APPLE-SA-2016-03-21-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name": "RHSA-2016:2056",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://support.apple.com/HT206167",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206167"
},
{
"name": "20151204 Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017"
},
{
"name": "openSUSE-SU-2015:2288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html"
},
{
"name": "RHSA-2015:2617",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2617.html"
},
{
"name": "http://www.fortiguard.com/advisory/openssl-advisory-december-2015",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/openssl-advisory-december-2015"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"name": "SSA:2015-349-04",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583"
},
{
"name": "openSUSE-SU-2016:0640",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100",
"refsource": "CONFIRM",
"url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100"
},
{
"name": "78626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78626"
},
{
"name": "RHSA-2015:2616",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2616.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761"
},
{
"name": "HPSBGN03536",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=145382583417444&w=2"
},
{
"name": "USN-2830-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2830-1"
},
{
"name": "openSUSE-SU-2015:2289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html"
},
{
"name": "FEDORA-2015-d87d60b9a9",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:2957",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2957.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "http://openssl.org/news/secadv/20151203.txt",
"refsource": "CONFIRM",
"url": "http://openssl.org/news/secadv/20151203.txt"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "1034294",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034294"
},
{
"name": "SUSE-SU-2016:0678",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html"
},
{
"name": "openSUSE-SU-2016:0637",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733"
},
{
"name": "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d"
},
{
"name": "http://fortiguard.com/advisory/openssl-advisory-december-2015",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/openssl-advisory-december-2015"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322"
},
{
"name": "DSA-3413",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3413"
},
{
"name": "openSUSE-SU-2015:2318",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759"
},
{
"name": "openSUSE-SU-2015:2349",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html"
}
]
}
}

200
2015/3xxx/CVE-2015-3420.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3420",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3420",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[dovecot-news] 20150513 [Dovecot-news] v2.2.17 released",
"refsource" : "MLIST",
"url" : "https://dovecot.org/pipermail/dovecot-news/2015-May/000292.html"
},
{
"name" : "[dovecot] 20150424 [patch] TLS Handshake failures can crash imap-login",
"refsource" : "MLIST",
"url" : "https://dovecot.org/pipermail/dovecot/2015-April/100618.html"
},
{
"name" : "[oss-security] 20150427 Re: CVE request: Dovecot remote DoS on TLS connections",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/04/27/1"
},
{
"name" : "[oss-security] 20150428 Re: Re: CVE request: Dovecot remote DoS on TLS connections",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/04/28/4"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1216057",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1216057"
},
{
"name" : "FEDORA-2015-7089",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158236.html"
},
{
"name" : "FEDORA-2015-7156",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157030.html"
},
{
"name" : "FEDORA-2015-7159",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158261.html"
},
{
"name" : "74335",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74335"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150428 Re: Re: CVE request: Dovecot remote DoS on TLS connections",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/28/4"
},
{
"name": "[dovecot] 20150424 [patch] TLS Handshake failures can crash imap-login",
"refsource": "MLIST",
"url": "https://dovecot.org/pipermail/dovecot/2015-April/100618.html"
},
{
"name": "[dovecot-news] 20150513 [Dovecot-news] v2.2.17 released",
"refsource": "MLIST",
"url": "https://dovecot.org/pipermail/dovecot-news/2015-May/000292.html"
},
{
"name": "FEDORA-2015-7159",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158261.html"
},
{
"name": "FEDORA-2015-7156",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157030.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1216057",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216057"
},
{
"name": "FEDORA-2015-7089",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158236.html"
},
{
"name": "[oss-security] 20150427 Re: CVE request: Dovecot remote DoS on TLS connections",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/27/1"
},
{
"name": "74335",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74335"
}
]
}
}

34
2015/3xxx/CVE-2015-3469.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3469",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3469",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

180
2015/3xxx/CVE-2015-3810.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3810",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-13.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-13.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name" : "DSA-3277",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3277"
},
{
"name" : "GLSA-201510-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201510-03"
},
{
"name" : "74629",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74629"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "74629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74629"
},
{
"name": "DSA-3277",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3277"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-13.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-13.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "GLSA-201510-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201510-03"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0"
}
]
}
}

34
2015/4xxx/CVE-2015-4565.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4565",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4565",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2015/6xxx/CVE-2015-6561.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6561",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6561",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

150
2015/7xxx/CVE-2015-7229.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7229",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and 7.x-6.x before 7.x-6.0 for Drupal does not properly check access permissions, which allows remote authenticated users to post tweets to arbitrary accounts by leveraging the (1) \"post to twitter\" permission or change the options for arbitrary attached accounts by leveraging the (2) \"add twitter accounts\" or (3) \"add authenticated twitter accounts\" permission."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7229",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.drupal.org/node/2565827",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2565827"
},
{
"name" : "https://www.drupal.org/node/2559981",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2559981"
},
{
"name" : "https://www.drupal.org/node/2559985",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2559985"
},
{
"name" : "https://www.drupal.org/node/2559989",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2559989"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Twitter module 6.x-5.x before 6.x-5.2, 7.x-5.x before 7.x-5.9, and 7.x-6.x before 7.x-6.0 for Drupal does not properly check access permissions, which allows remote authenticated users to post tweets to arbitrary accounts by leveraging the (1) \"post to twitter\" permission or change the options for arbitrary attached accounts by leveraging the (2) \"add twitter accounts\" or (3) \"add authenticated twitter accounts\" permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.drupal.org/node/2565827",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2565827"
},
{
"name": "https://www.drupal.org/node/2559981",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2559981"
},
{
"name": "https://www.drupal.org/node/2559989",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2559989"
},
{
"name": "https://www.drupal.org/node/2559985",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2559985"
}
]
}
}

34
2015/7xxx/CVE-2015-7582.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7582",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2100. Reason: This candidate is a reservation duplicate of CVE-2016-2100. Notes: All CVE users should reference CVE-2016-2100 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-7582",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-2100. Reason: This candidate is a reservation duplicate of CVE-2016-2100. Notes: All CVE users should reference CVE-2016-2100 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

230
2015/7xxx/CVE-2015-7884.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7884",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20151021 Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/10/21/8"
},
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274726",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274726"
},
{
"name" : "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c"
},
{
"name" : "openSUSE-SU-2016:1008",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
},
{
"name" : "USN-2842-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2842-1"
},
{
"name" : "USN-2842-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2842-2"
},
{
"name" : "USN-2843-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2843-1"
},
{
"name" : "USN-2843-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2843-2"
},
{
"name" : "USN-2843-3",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2843-3"
},
{
"name" : "77317",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77317"
},
{
"name" : "1034893",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034893"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/eda98796aff0d9bf41094b06811f5def3b4c333c"
},
{
"name": "1034893",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034893"
},
{
"name": "77317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77317"
},
{
"name": "USN-2843-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2843-1"
},
{
"name": "USN-2842-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2842-2"
},
{
"name": "USN-2843-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2843-2"
},
{
"name": "USN-2842-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2842-1"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=eda98796aff0d9bf41094b06811f5def3b4c333c"
},
{
"name": "[oss-security] 20151021 Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/10/21/8"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274726",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274726"
},
{
"name": "USN-2843-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2843-3"
},
{
"name": "openSUSE-SU-2016:1008",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html"
}
]
}
}

34
2015/7xxx/CVE-2015-7953.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7953",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-7953",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

120
2015/8xxx/CVE-2015-8072.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8072",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23881715, a different vulnerability than CVE-2015-6608 and CVE-2015-8073."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-8072",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[android-security-updates] 20151102 Nexus Security Bulletin (November 2015)",
"refsource" : "MLIST",
"url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23881715, a different vulnerability than CVE-2015-6608 and CVE-2015-8073."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[android-security-updates] 20151102 Nexus Security Bulletin (November 2015)",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/n1aw2MGce4E/jhpVEWDUCAAJ"
}
]
}
}

130
2015/8xxx/CVE-2015-8095.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8095",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not properly remove nodes from view, which allows remote attackers to obtain sensitive information via an unspecified URL pattern."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.drupal.org/node/2608414",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2608414"
},
{
"name" : "https://www.drupal.org/node/2608382",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2608382"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not properly remove nodes from view, which allows remote attackers to obtain sensitive information via an unspecified URL pattern."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.drupal.org/node/2608414",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2608414"
},
{
"name": "https://www.drupal.org/node/2608382",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2608382"
}
]
}
}

120
2015/8xxx/CVE-2015-8226.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8226",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8225."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm",
"refsource" : "CONFIRM",
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with software before ALE-UL00C00B220 and ALE-TL00C01B220 and GEM-703L smartphones with software before V100R001C233B111 allows remote attackers to cause a denial of service (crash) via a crafted application with the system or camera permission, a different vulnerability than CVE-2015-8225."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-465532.htm"
}
]
}
}

34
2015/8xxx/CVE-2015-8694.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8694",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8694",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

140
2015/8xxx/CVE-2015-8760.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8760",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka \"Cross-Site Flashing.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/"
},
{
"name" : "79210",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/79210"
},
{
"name" : "1034485",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034485"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos from external domains via unspecified vectors, aka \"Cross-Site Flashing.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034485",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034485"
},
{
"name": "79210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79210"
},
{
"name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/",
"refsource": "CONFIRM",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-014/"
}
]
}
}

130
2016/0xxx/CVE-2016-0415.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0415",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to UI Framework."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "1034734",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034734"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to UI Framework."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034734",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034734"
}
]
}
}

130
2016/0xxx/CVE-2016-0906.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security_alert@emc.com",
"ID" : "CVE-2016-0906",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2016-0906",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160706 ESA-2016-054: EMC Avamar Data Store and Avamar Virtual Edition Unauthorized Data Access Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/bugtraq/2016/Jul/33"
},
{
"name" : "1036235",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036235"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar through 7.1.2 and 7.2.x through 7.2.1 allows remote authenticated users to read or delete directories via a Linux backup-restore operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036235",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036235"
},
{
"name": "20160706 ESA-2016-054: EMC Avamar Data Store and Avamar Virtual Edition Unauthorized Data Access Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/Jul/33"
}
]
}
}

190
2016/1xxx/CVE-2016-1010.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1010",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"name" : "GLSA-201603-07",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201603-07"
},
{
"name" : "SUSE-SU-2016:0715",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"name" : "SUSE-SU-2016:0716",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
},
{
"name" : "openSUSE-SU-2016:0719",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"name" : "openSUSE-SU-2016:0734",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"name" : "84308",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84308"
},
{
"name" : "1035251",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035251"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2016:0734",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html"
},
{
"name": "1035251",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035251"
},
{
"name": "openSUSE-SU-2016:0719",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html"
},
{
"name": "GLSA-201603-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-07"
},
{
"name": "SUSE-SU-2016:0715",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html"
},
{
"name": "84308",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84308"
},
{
"name": "SUSE-SU-2016:0716",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html"
}
]
}
}

140
2016/1xxx/CVE-2016-1184.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1184",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-1184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.tokyostarbank.co.jp/important151222.html",
"refsource" : "CONFIRM",
"url" : "http://www.tokyostarbank.co.jp/important151222.html"
},
{
"name" : "JVN#00272277",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN00272277/index.html"
},
{
"name" : "JVNDB-2016-000049",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000049.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Tokyo Star bank App for Android before 1.4 and Tokyo Star bank App for iOS before 1.4 do not validate SSL certificates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000049",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000049.html"
},
{
"name": "JVN#00272277",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN00272277/index.html"
},
{
"name": "http://www.tokyostarbank.co.jp/important151222.html",
"refsource": "CONFIRM",
"url": "http://www.tokyostarbank.co.jp/important151222.html"
}
]
}
}

130
2016/1xxx/CVE-2016-1400.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1400",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160516 Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs"
},
{
"name" : "1035899",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035899"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035899",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035899"
},
{
"name": "20160516 Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160516-vcs"
}
]
}
}

130
2016/1xxx/CVE-2016-1581.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1581",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2016-1581",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://linuxcontainers.org/lxd/news/",
"refsource" : "CONFIRM",
"url" : "https://linuxcontainers.org/lxd/news/"
},
{
"name" : "USN-2988-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2988-1"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LXD before 2.0.2 uses world-readable permissions for /var/lib/lxd/zfs.img when setting up a loop based ZFS pool, which allows local users to copy and read data from arbitrary containers via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://linuxcontainers.org/lxd/news/",
"refsource": "CONFIRM",
"url": "https://linuxcontainers.org/lxd/news/"
},
{
"name": "USN-2988-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2988-1"
}
]
}
}

240
2016/1xxx/CVE-2016-1823.json
View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1823",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "39927",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/39927/"
},
{
"name" : "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html"
},
{
"name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=774",
"refsource" : "MISC",
"url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=774"
},
{
"name" : "https://support.apple.com/HT206564",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206564"
},
{
"name" : "https://support.apple.com/HT206566",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206566"
},
{
"name" : "https://support.apple.com/HT206567",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206567"
},
{
"name" : "https://support.apple.com/HT206568",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206568"
},
{
"name" : "APPLE-SA-2016-05-16-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"
},
{
"name" : "APPLE-SA-2016-05-16-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"
},
{
"name" : "APPLE-SA-2016-05-16-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"
},
{
"name" : "APPLE-SA-2016-05-16-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"name" : "90698",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90698"
},
{
"name" : "1035890",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035890"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IOHIDDevice::handleReportWithTime function in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds read and memory corruption) via a crafted IOHIDReportType enum, which triggers an incorrect cast, a different vulnerability than CVE-2016-1824."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT206567",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206567"
},
{
"name": "APPLE-SA-2016-05-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
},
{
"name": "https://support.apple.com/HT206566",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206566"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=774",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=774"
},
{
"name": "39927",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39927/"
},
{
"name": "APPLE-SA-2016-05-16-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html"
},
{
"name": "https://support.apple.com/HT206564",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206564"
},
{
"name": "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/137397/OS-X-Kernel-Raw-Cast-Out-Of-Bounds-Read.html"
},
{
"name": "1035890",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035890"
},
{
"name": "APPLE-SA-2016-05-16-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html"
},
{
"name": "90698",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90698"
},
{
"name": "https://support.apple.com/HT206568",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206568"
},
{
"name": "APPLE-SA-2016-05-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html"
}
]
}
}

34
2016/5xxx/CVE-2016-5113.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5113",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5113",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2016/5xxx/CVE-2016-5182.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-5182",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android",
"version" : {
"version_data" : [
{
"version_value" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "heap corruption"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-5182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android",
"version": {
"version_data": [
{
"version_value": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html"
},
{
"name" : "https://crbug.com/638615",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/638615"
},
{
"name" : "GLSA-201610-09",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-09"
},
{
"name" : "RHSA-2016:2067",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2067.html"
},
{
"name" : "93528",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93528"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Blink in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android had insufficient validation in bitmap handling, which allowed a remote attacker to potentially exploit heap corruption via crafted HTML pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "heap corruption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93528"
},
{
"name": "RHSA-2016:2067",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2067.html"
},
{
"name": "GLSA-201610-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-09"
},
{
"name": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html"
},
{
"name": "https://crbug.com/638615",
"refsource": "CONFIRM",
"url": "https://crbug.com/638615"
}
]
}
}

190
2016/5xxx/CVE-2016-5255.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5255",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-5255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356"
},
{
"name" : "GLSA-201701-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-15"
},
{
"name" : "openSUSE-SU-2016:1964",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"
},
{
"name" : "openSUSE-SU-2016:2026",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"
},
{
"name" : "USN-3044-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3044-1"
},
{
"name" : "92260",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92260"
},
{
"name" : "1036508",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036508"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in the js::PreliminaryObjectArray::sweep function in Mozilla Firefox before 48.0 allows remote attackers to execute arbitrary code via crafted JavaScript that is mishandled during incremental garbage collection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036508",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036508"
},
{
"name": "USN-3044-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3044-1"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1212356"
},
{
"name": "92260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92260"
},
{
"name": "GLSA-201701-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-15"
},
{
"name": "openSUSE-SU-2016:1964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html"
},
{
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-71.html"
},
{
"name": "openSUSE-SU-2016:2026",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html"
}
]
}
}

250
2016/5xxx/CVE-2016-5768.json
View File

@ -1,127 +1,127 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5768",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-5768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"name" : "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1",
"refsource" : "CONFIRM",
"url" : "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1"
},
{
"name" : "http://php.net/ChangeLog-5.php",
"refsource" : "CONFIRM",
"url" : "http://php.net/ChangeLog-5.php"
},
{
"name" : "http://php.net/ChangeLog-7.php",
"refsource" : "CONFIRM",
"url" : "http://php.net/ChangeLog-7.php"
},
{
"name" : "https://bugs.php.net/bug.php?id=72402",
"refsource" : "CONFIRM",
"url" : "https://bugs.php.net/bug.php?id=72402"
},
{
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
"refsource" : "CONFIRM",
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"name" : "https://support.apple.com/HT207170",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207170"
},
{
"name" : "APPLE-SA-2016-09-20",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name" : "DSA-3618",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3618"
},
{
"name" : "RHSA-2016:2598",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
},
{
"name" : "RHSA-2016:2750",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"name" : "openSUSE-SU-2016:1761",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"name" : "openSUSE-SU-2016:1922",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"name" : "91396",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91396"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-09-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name": "openSUSE-SU-2016:1761",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html"
},
{
"name": "openSUSE-SU-2016:1922",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
},
{
"name": "RHSA-2016:2750",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
},
{
"name": "RHSA-2016:2598",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html"
},
{
"name": "http://php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-5.php"
},
{
"name": "https://bugs.php.net/bug.php?id=72402",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=72402"
},
{
"name": "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1",
"refsource": "CONFIRM",
"url": "http://github.com/php/php-src/commit/5b597a2e5b28e2d5a52fc1be13f425f08f47cb62?w=1"
},
{
"name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/23/4"
},
{
"name": "DSA-3618",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3618"
},
{
"name": "http://php.net/ChangeLog-7.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-7.php"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731"
},
{
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
},
{
"name": "91396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91396"
}
]
}
}

34
2018/2xxx/CVE-2018-2151.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2151",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2151",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

198
2018/2xxx/CVE-2018-2655.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2655",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Work in Process",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "12.1.1"
},
{
"version_affected" : "=",
"version_value" : "12.1.2"
},
{
"version_affected" : "=",
"version_value" : "12.1.3"
},
{
"version_affected" : "=",
"version_value" : "12.2.3"
},
{
"version_affected" : "=",
"version_value" : "12.2.4"
},
{
"version_affected" : "=",
"version_value" : "12.2.5"
},
{
"version_affected" : "=",
"version_value" : "12.2.6"
},
{
"version_affected" : "=",
"version_value" : "12.2.7"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Assemble/Configure to Order). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data."
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Work in Process",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.1.1"
},
{
"version_affected": "=",
"version_value": "12.1.2"
},
{
"version_affected": "=",
"version_value": "12.1.3"
},
{
"version_affected": "=",
"version_value": "12.2.3"
},
{
"version_affected": "=",
"version_value": "12.2.4"
},
{
"version_affected": "=",
"version_value": "12.2.5"
},
{
"version_affected": "=",
"version_value": "12.2.6"
},
{
"version_affected": "=",
"version_value": "12.2.7"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name" : "102646",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102646"
},
{
"name" : "1040201",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040201"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Assemble/Configure to Order). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Work in Process. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Work in Process accessible data as well as unauthorized access to critical data or complete access to all Oracle Work in Process accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040201"
},
{
"name": "102646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102646"
}
]
}
}

34
2019/0xxx/CVE-2019-0471.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0471",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0471",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0710.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0710",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0710",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0791.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0791",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0791",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0995.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0995",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0995",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

136
2019/1000xxx/CVE-2019-1000013.json
View File

@ -1,70 +1,70 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2019-01-22T21:21:10.021164",
"DATE_REQUESTED" : "2019-01-15T18:58:43",
"ID" : "CVE-2019-1000013",
"REQUESTER" : "bram.verburg@voltone.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised mirror. This vulnerability appears to have been fixed in 0.4.0."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2019-01-22T21:21:10.021164",
"DATE_REQUESTED": "2019-01-15T18:58:43",
"ID": "CVE-2019-1000013",
"REQUESTER": "bram.verburg@voltone.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/hexpm/hex_core/pull/48",
"refsource" : "MISC",
"url" : "https://github.com/hexpm/hex_core/pull/48"
},
{
"name" : "https://github.com/hexpm/hex_core/pull/51",
"refsource" : "MISC",
"url" : "https://github.com/hexpm/hex_core/pull/51"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised mirror. This vulnerability appears to have been fixed in 0.4.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/hexpm/hex_core/pull/51",
"refsource": "MISC",
"url": "https://github.com/hexpm/hex_core/pull/51"
},
{
"name": "https://github.com/hexpm/hex_core/pull/48",
"refsource": "MISC",
"url": "https://github.com/hexpm/hex_core/pull/48"
}
]
}
}

34
2019/1xxx/CVE-2019-1040.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1040",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1040",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1375.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1375",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1375",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1628.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1628",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1628",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1773.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1773",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1773",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4105.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4105",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4105",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4267.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4267",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4267",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4582.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4582",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4582",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4588.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4588",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4588",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5044.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5044",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5044",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5275.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5275",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5275",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5797.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5797",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5797",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5894.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5894",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5894",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9133.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9133",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9133",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9284.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9284",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9284",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/9xxx/CVE-2019-9341.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9341",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9341",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}