admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:59:54 +00:00
parent 4d08cf79d9
commit 68f102a273
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 3574 additions and 3574 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

176
2007/0xxx/CVE-2007-0048.json
View File

@ -1,156 +1,156 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0048",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0048",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a \"cross-site scripting issue.\""
"lang": "eng",
"value": "Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a \"cross-site scripting issue.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455801/100/0/threaded"
"name": "TA09-286B",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
},
{
"name" : "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf",
"refsource" : "MISC",
"url" : "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf"
"name": "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html"
},
{
"name" : "http://www.wisec.it/vulns.php?page=9",
"refsource" : "MISC",
"url" : "http://www.wisec.it/vulns.php?page=9"
"name": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf",
"refsource": "MISC",
"url": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb07-01.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb07-01.html"
"name": "1023007",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023007"
},
{
"name" : "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2009/01/stable-beta-update-yahoo-mail-and.html"
"name": "23882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23882"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
"name": "20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455801/100/0/threaded"
},
{
"name" : "GLSA-200701-16",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200701-16.xml"
"name": "ADV-2007-0032",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0032"
},
{
"name" : "SUSE-SA:2007:011",
"refsource" : "SUSE",
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html"
"name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html"
},
{
"name" : "TA09-286B",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html"
"name": "2090",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2090"
},
{
"name" : "oval:org.mitre.oval:def:6348",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348"
"name": "oval:org.mitre.oval:def:6348",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6348"
},
{
"name" : "1023007",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1023007"
"name": "SUSE-SA:2007:011",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html"
},
{
"name" : "ADV-2007-0032",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0032"
"name": "33754",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33754"
},
{
"name" : "31596",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/31596"
"name": "23812",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23812"
},
{
"name" : "1017469",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017469"
"name": "1017469",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017469"
},
{
"name" : "23812",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23812"
"name": "adobe-acrobat-character-dos(31273)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31273"
},
{
"name" : "23882",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23882"
"name": "http://www.adobe.com/support/security/bulletins/apsb07-01.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-01.html"
},
{
"name" : "33754",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/33754"
"name": "ADV-2009-2898",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2898"
},
{
"name" : "2090",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2090"
"name": "GLSA-200701-16",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-16.xml"
},
{
"name" : "ADV-2009-2898",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/2898"
"name": "31596",
"refsource": "OSVDB",
"url": "http://osvdb.org/31596"
},
{
"name" : "adobe-acrobat-character-dos(31273)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31273"
"name": "http://www.wisec.it/vulns.php?page=9",
"refsource": "MISC",
"url": "http://www.wisec.it/vulns.php?page=9"
}
]
}

86
2007/0xxx/CVE-2007-0088.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0088",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0088",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in openmedia allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) src parameter to page.php or the (2) format parameter to search_form.php."
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in openmedia allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) src parameter to page.php or the (2) format parameter to search_form.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070102 openmedia local read file",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455786/100/0/threaded"
"name": "33371",
"refsource": "OSVDB",
"url": "http://osvdb.org/33371"
},
{
"name" : "33370",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33370"
"name": "20070102 openmedia local read file",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455786/100/0/threaded"
},
{
"name" : "33371",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33371"
"name": "openmedia-page-directory-traversal(31258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31258"
},
{
"name" : "2103",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2103"
"name": "2103",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2103"
},
{
"name" : "openmedia-page-directory-traversal(31258)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31258"
"name": "33370",
"refsource": "OSVDB",
"url": "http://osvdb.org/33370"
}
]
}

98
2007/0xxx/CVE-2007-0277.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0277",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0277",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
"name": "23794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23794"
},
{
"name" : "TA07-017A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html"
"name": "22083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22083"
},
{
"name" : "22083",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22083"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
},
{
"name" : "32917",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32917"
"name": "TA07-017A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html"
},
{
"name" : "1017522",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017522"
"name": "oracle-cpu-jan2007(31541)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541"
},
{
"name" : "23794",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23794"
"name": "1017522",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017522"
},
{
"name" : "oracle-cpu-jan2007(31541)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541"
"name": "32917",
"refsource": "OSVDB",
"url": "http://osvdb.org/32917"
}
]
}

86
2007/0xxx/CVE-2007-0512.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0512",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0512",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and 03-00 through 03-03-/H; and TP1/Server Base 05-00 through 05-00-/M, 03-01-E through 03-01-FD, 03-01 through 03-01-DB, and 05-03; allow attackers to cause a denial of service (process crash) via invalid data to an OpenTP1 port."
"lang": "eng",
"value": "Hitachi TP1/LiNK 05-00 through 05-03-/F, 03-04 through 03-06-/K, and 03-00 through 03-03-/H; and TP1/Server Base 05-00 through 05-00-/M, 03-01-E through 03-01-FD, 03-01 through 03-01-DB, and 05-03; allow attackers to cause a denial of service (process crash) via invalid data to an OpenTP1 port."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html",
"refsource" : "CONFIRM",
"url" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html"
"name": "32962",
"refsource": "OSVDB",
"url": "http://osvdb.org/32962"
},
{
"name" : "22223",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22223"
"name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-021_e/01-e.html"
},
{
"name" : "ADV-2007-0325",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0325"
"name": "ADV-2007-0325",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0325"
},
{
"name" : "32962",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/32962"
"name": "22223",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22223"
},
{
"name" : "23866",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23866"
"name": "23866",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23866"
}
]
}

98
2007/0xxx/CVE-2007-0710.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-0710",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0710",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614."
"lang": "eng",
"value": "The Bonjour functionality in iChat in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (persistent application crash) via unspecified vectors, possibly related to CVE-2007-0614."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://docs.info.apple.com/article.html?artnum=305102",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=305102"
"name": "APPLE-SA-2007-02-15",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html"
},
{
"name" : "APPLE-SA-2007-02-15",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2007/Feb/msg00000.html"
"name": "24198",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24198"
},
{
"name" : "VU#836024",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/836024"
"name": "VU#836024",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/836024"
},
{
"name" : "22304",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22304"
"name": "1017661",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017661"
},
{
"name" : "32713",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/32713"
"name": "32713",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32713"
},
{
"name" : "1017661",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017661"
"name": "http://docs.info.apple.com/article.html?artnum=305102",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=305102"
},
{
"name" : "24198",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24198"
"name": "22304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22304"
}
]
}

80
2007/1xxx/CVE-2007-1146.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1146",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1146",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in function.php in arabhost allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070222 Hasadya Raed",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460933/100/0/threaded"
"name": "20070227 Verified: arabhost function.php RFI",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2007-February/001396.html"
},
{
"name" : "20070227 Verified: arabhost function.php RFI",
"refsource" : "VIM",
"url" : "http://attrition.org/pipermail/vim/2007-February/001396.html"
"name": "2339",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2339"
},
{
"name" : "33839",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/33839"
"name": "20070222 Hasadya Raed",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460933/100/0/threaded"
},
{
"name" : "2339",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2339"
"name": "33839",
"refsource": "OSVDB",
"url": "http://osvdb.org/33839"
}
]
}

98
2007/1xxx/CVE-2007-1454.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1454",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1454",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b."
"lang": "eng",
"value": "ext/filter in PHP 5.2.0, when FILTER_SANITIZE_STRING is used with the FILTER_FLAG_STRIP_LOW flag, does not properly strip HTML tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks via HTML with a '<' character followed by certain whitespace characters, which passes one filter but is collapsed into a valid tag, as demonstrated using %0b."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.php-security.org/MOPB/MOPB-18-2007.html",
"refsource" : "MISC",
"url" : "http://www.php-security.org/MOPB/MOPB-18-2007.html"
"name": "25056",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25056"
},
{
"name" : "DSA-1283",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2007/dsa-1283"
"name": "DSA-1283",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1283"
},
{
"name" : "MDKSA-2007:090",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
"name": "22914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22914"
},
{
"name" : "SUSE-SA:2007:032",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html"
"name": "25062",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25062"
},
{
"name" : "22914",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22914"
"name": "MDKSA-2007:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090"
},
{
"name" : "25062",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25062"
"name": "http://www.php-security.org/MOPB/MOPB-18-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-18-2007.html"
},
{
"name" : "25056",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25056"
"name": "SUSE-SA:2007:032",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_32_php.html"
}
]
}

128
2007/1xxx/CVE-2007-1464.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1464",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2007-1464",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors."
"lang": "eng",
"value": "Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070324 FLEA-2007-0002-1: inkscape",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/463710/100/0/threaded"
"name": "inkscape-jabber-format-string(33164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33164"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106"
"name": "24859",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24859"
},
{
"name" : "https://issues.rpath.com/browse/RPL-1170",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-1170"
"name": "24615",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24615"
},
{
"name" : "GLSA-200704-10",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml"
"name": "23138",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23138"
},
{
"name" : "SUSE-SR:2007:008",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
"name": "GLSA-200704-10",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml"
},
{
"name" : "23138",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23138"
"name": "24661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24661"
},
{
"name" : "ADV-2007-1059",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1059"
"name": "https://issues.rpath.com/browse/RPL-1170",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1170"
},
{
"name" : "24615",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24615"
"name": "ADV-2007-1059",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1059"
},
{
"name" : "24661",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24661"
"name": "SUSE-SR:2007:008",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html"
},
{
"name" : "24859",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24859"
"name": "20070324 FLEA-2007-0002-1: inkscape",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463710/100/0/threaded"
},
{
"name" : "25072",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25072"
"name": "25072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25072"
},
{
"name" : "inkscape-jabber-format-string(33164)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33164"
"name": "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106"
}
]
}

104
2007/3xxx/CVE-2007-3135.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-3135",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3135",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom Photoblog 1.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in atomPhotoBlog.php in Atom Photoblog 1.0.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the tag parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070607 Atom PhotoBlog v1.0.9 XSS vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/470750/100/0/threaded"
"name": "24363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24363"
},
{
"name" : "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101",
"refsource" : "MISC",
"url" : "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101"
"name": "atom-photoblog-tag-xss(34768)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34768"
},
{
"name" : "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html",
"refsource" : "MISC",
"url" : "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html"
"name": "2787",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2787"
},
{
"name" : "24363",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/24363"
"name": "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101",
"refsource": "MISC",
"url": "http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101"
},
{
"name" : "37046",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37046"
"name": "20070607 Atom PhotoBlog v1.0.9 XSS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470750/100/0/threaded"
},
{
"name" : "25562",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/25562"
"name": "25562",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25562"
},
{
"name" : "2787",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2787"
"name": "37046",
"refsource": "OSVDB",
"url": "http://osvdb.org/37046"
},
{
"name" : "atom-photoblog-tag-xss(34768)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34768"
"name": "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html",
"refsource": "MISC",
"url": "http://www.secvsn.com/content/Advisories/sr-060607-atomphotoblog.html"
}
]
}

98
2007/4xxx/CVE-2007-4034.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4034",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4034",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information."
"lang": "eng",
"value": "Stack-based buffer overflow in the YDPCTL.YDPControl.1 (aka Yahoo! Installer Plugin for Widgets) ActiveX control before 2007.7.13.3 (20070620) in YDPCTL.dll in Yahoo! Widgets before 4.0.5 allows remote attackers to execute arbitrary code via a long argument to the GetComponentVersion method. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html",
"refsource" : "CONFIRM",
"url" : "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html"
"name": "1018470",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018470"
},
{
"name" : "VU#120760",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/120760"
"name": "26011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26011"
},
{
"name" : "25086",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25086"
"name": "ADV-2007-2679",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2679"
},
{
"name" : "ADV-2007-2679",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/2679"
"name": "25086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25086"
},
{
"name" : "37705",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/37705"
"name": "37705",
"refsource": "OSVDB",
"url": "http://osvdb.org/37705"
},
{
"name" : "1018470",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018470"
"name": "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html",
"refsource": "CONFIRM",
"url": "http://help.yahoo.com/l/us/yahoo/widgets/security/security-08.html"
},
{
"name" : "26011",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26011"
"name": "VU#120760",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/120760"
}
]
}

80
2007/4xxx/CVE-2007-4202.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4202",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4202",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
"lang": "eng",
"value": "Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
"name": "20070726 Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474809/100/0/threaded"
},
{
"name" : "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
"name": "VU#912593",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/912593"
},
{
"name" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource" : "MISC",
"url" : "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
"name": "20070802 RE: Re: Guidance Software response to iSEC report on EnCase",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475335/100/0/threaded"
},
{
"name" : "VU#912593",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/912593"
"name": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf",
"refsource": "MISC",
"url": "http://www.isecpartners.com/files/iSEC-Breaking_Forensics_Software-Paper.v1_1.BH2007.pdf"
}
]
}

80
2007/4xxx/CVE-2007-4550.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4550",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4550",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file."
"lang": "eng",
"value": "Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://vuln.sg/alpass27-en.html",
"refsource" : "MISC",
"url" : "http://vuln.sg/alpass27-en.html"
"name": "http://vuln.sg/alpass27-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/alpass27-en.html"
},
{
"name" : "25435",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25435"
"name": "26616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26616"
},
{
"name" : "26616",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/26616"
"name": "alpass-apw-format-string(36256)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36256"
},
{
"name" : "alpass-apw-format-string(36256)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36256"
"name": "25435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25435"
}
]
}

116
2007/4xxx/CVE-2007-4790.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4790",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4790",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function."
"lang": "eng",
"value": "Stack-based buffer overflow in certain ActiveX controls in (1) FPOLE.OCX 6.0.8450.0 and (2) Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to the FoxDoCmd function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "4369",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4369"
"name": "1019378",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019378"
},
{
"name" : "HPSBST02314",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=120361015026386&w=2"
"name": "HPSBST02314",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=120361015026386&w=2"
},
{
"name" : "SSRT080016",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=120361015026386&w=2"
"name": "4369",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4369"
},
{
"name" : "MS08-010",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010"
"name": "SSRT080016",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=120361015026386&w=2"
},
{
"name" : "TA08-043C",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-043C.html"
"name": "foxpro-fpole-activex-bo(36496)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36496"
},
{
"name" : "25571",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25571"
"name": "TA08-043C",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA08-043C.html"
},
{
"name" : "ADV-2008-0512",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0512/references"
"name": "oval:org.mitre.oval:def:5481",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5481"
},
{
"name" : "oval:org.mitre.oval:def:5481",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5481"
"name": "ADV-2008-0512",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0512/references"
},
{
"name" : "1019378",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1019378"
"name": "25571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25571"
},
{
"name" : "foxpro-fpole-activex-bo(36496)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36496"
"name": "MS08-010",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-010"
}
]
}

22
2007/4xxx/CVE-2007-4875.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-4875",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4875",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/5xxx/CVE-2014-5976.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-5976",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5976",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The alibaba (aka com.alibaba.wireless) application 4.1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#366897",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/366897"
},
{
"name" : "VU#366897",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/366897"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

22
2015/2xxx/CVE-2015-2010.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2010",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-2010",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0010. Reason: This candidate is a duplicate of CVE-2015-0010. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2015-0010 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0010. Reason: This candidate is a duplicate of CVE-2015-0010. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2015-0010 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

74
2015/2xxx/CVE-2015-2029.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2029",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-2029",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier."
"lang": "eng",
"value": "Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote attackers to hijack web sessions via a session identifier."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044"
},
{
"name" : "PI44098",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098"
"name": "PI44105",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105"
},
{
"name" : "PI44105",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105"
"name": "PI44098",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098"
}
]
}

68
2015/2xxx/CVE-2015-2376.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2376",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-2376",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS15-070",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070"
"name": "1032899",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032899"
},
{
"name" : "1032899",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032899"
"name": "MS15-070",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070"
}
]
}

116
2015/2xxx/CVE-2015-2824.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-2824",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-2824",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the Simple Ads Manager plugin before 2.7.97 for WordPress allow remote attackers to execute arbitrary SQL commands via a (1) hits[][] parameter in a sam_hits action to sam-ajax.php; the (2) cstr parameter in a load_posts action to sam-ajax-admin.php; the (3) searchTerm parameter in a load_combo_data action to sam-ajax-admin.php; or the (4) subscriber, (5) contributor, (6) author, (7) editor, (8) admin, or (9) sadmin parameter in a load_users action to sam-ajax-admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150402 Wordpress plugin Simple Ads Manager - Multiple SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535168/100/0/threaded"
"name": "20150402 Wordpress plugin Simple Ads Manager - Multiple SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535168/100/0/threaded"
},
{
"name" : "20150402 Wordpress plugin Simple Ads Manager - SQL Injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535165/100/0/threaded"
"name": "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager"
},
{
"name" : "36613",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/36613/"
"name": "20150402 Wordpress plugin Simple Ads Manager - SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535165/100/0/threaded"
},
{
"name" : "20150405 Multiple SQL Injection",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Apr/7"
"name": "73698",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73698"
},
{
"name" : "20150405 Wordpress plugin Simple Ads Manager - SQL Injection",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Apr/6"
"name": "36613",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36613/"
},
{
"name" : "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html"
"name": "https://wordpress.org/plugins/simple-ads-manager/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/simple-ads-manager/changelog/"
},
{
"name" : "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html",
"refsource" : "MISC",
"url" : "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html"
"name": "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html",
"refsource": "MISC",
"url": "http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html"
},
{
"name" : "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager",
"refsource" : "CONFIRM",
"url" : "https://plugins.trac.wordpress.org/changeset/1136202/simple-ads-manager"
"name": "20150405 Multiple SQL Injection",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Apr/7"
},
{
"name" : "https://wordpress.org/plugins/simple-ads-manager/changelog/",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/simple-ads-manager/changelog/"
"name": "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131280/WordPress-Simple-Ads-Manager-2.5.94-2.5.96-SQL-Injection.html"
},
{
"name" : "73698",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/73698"
"name": "20150405 Wordpress plugin Simple Ads Manager - SQL Injection",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Apr/6"
}
]
}

128
2015/3xxx/CVE-2015-3429.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3429",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3429",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20150507 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/535486/100/1000/threaded"
"name": "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability",
"refsource": "MISC",
"url": "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability"
},
{
"name" : "20150509 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/May/41"
"name": "https://wpvulndb.com/vulnerabilities/7965",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/7965"
},
{
"name" : "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability",
"refsource" : "MISC",
"url" : "https://www.digitalocean.com/community/tutorials/how-to-protect-your-wordpress-site-from-the-genericons-example-html-xss-vulnerability"
"name": "20150507 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535486/100/1000/threaded"
},
{
"name" : "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/",
"refsource" : "MISC",
"url" : "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/"
"name": "DSA-3328",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3328"
},
{
"name" : "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html"
"name": "FEDORA-2015-6790",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158278.html"
},
{
"name" : "https://wpvulndb.com/vulnerabilities/7965",
"refsource" : "MISC",
"url" : "https://wpvulndb.com/vulnerabilities/7965"
"name": "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7",
"refsource": "CONFIRM",
"url": "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7"
},
{
"name" : "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7",
"refsource" : "CONFIRM",
"url" : "https://github.com/Automattic/Genericons/commit/798ac98579dd72dfdb11bdee3e7bebf01cffb1f7"
"name": "https://wordpress.org/news/2015/05/wordpress-4-2-2/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/news/2015/05/wordpress-4-2-2/"
},
{
"name" : "https://wordpress.org/news/2015/05/wordpress-4-2-2/",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/news/2015/05/wordpress-4-2-2/"
"name": "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/",
"refsource": "MISC",
"url": "https://www.netsparker.com/cve-2015-3429-dom-xss-vulnerability-in-twenty-fifteen-wordpress-theme/"
},
{
"name" : "DSA-3328",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3328"
"name": "20150509 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/41"
},
{
"name" : "FEDORA-2015-6790",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158278.html"
"name": "74534",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74534"
},
{
"name" : "FEDORA-2015-6808",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158271.html"
"name": "FEDORA-2015-6808",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158271.html"
},
{
"name" : "74534",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74534"
"name": "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131802/WordPress-Twenty-Fifteen-4.2.1-Cross-Site-Scripting.html"
}
]
}

22
2015/3xxx/CVE-2015-3916.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3916",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3916",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2015/6xxx/CVE-2015-6578.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6578",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6578",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2015/6xxx/CVE-2015-6631.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6631",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-6631",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24623447."
"lang": "eng",
"value": "libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24623447."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2015-12-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2015-12-01.html"
"name": "http://source.android.com/security/bulletin/2015-12-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2015-12-01.html"
}
]
}

80
2015/6xxx/CVE-2015-6662.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-6662",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-6662",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485."
"lang": "eng",
"value": "XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
"name": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html"
},
{
"name" : "20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2015/Nov/92"
"name": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
},
{
"name" : "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/",
"refsource" : "MISC",
"url" : "https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/"
"name": "20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Nov/92"
},
{
"name" : "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html"
"name": "20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536957/100/0/threaded"
}
]
}

80
2015/7xxx/CVE-2015-7421.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7421",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7421",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420."
"lang": "eng",
"value": "Unspecified vulnerability in GSKit on IBM MQ M2000 appliances before 8.0.0.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2015-7420."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971500",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21971500"
"name": "1034846",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034846"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21971500",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21971500"
},
{
"name" : "82303",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/82303"
"name": "82303",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82303"
},
{
"name" : "1034846",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034846"
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023277"
}
]
}

122
2015/7xxx/CVE-2015-7632.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7632",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-7632",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property."
"lang": "eng",
"value": "Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-512",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-512"
"name": "RHSA-2015:2024",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html"
"name": "openSUSE-SU-2015:1744",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html"
},
{
"name" : "GLSA-201511-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201511-02"
"name": "SUSE-SU-2015:1742",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html"
},
{
"name" : "RHSA-2015:2024",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html"
"name": "RHSA-2015:1893",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1893.html"
},
{
"name" : "RHSA-2015:1893",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1893.html"
"name": "GLSA-201511-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201511-02"
},
{
"name" : "SUSE-SU-2015:1740",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html"
"name": "77062",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77062"
},
{
"name" : "SUSE-SU-2015:1742",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html"
"name": "1033797",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033797"
},
{
"name" : "openSUSE-SU-2015:1744",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-25.html"
},
{
"name" : "openSUSE-SU-2015:1781",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
"name": "SUSE-SU-2015:1740",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html"
},
{
"name" : "77062",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77062"
"name": "openSUSE-SU-2015:1781",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
},
{
"name" : "1033797",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033797"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-512",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-512"
}
]
}

22
2015/7xxx/CVE-2015-7734.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7734",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-7734",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2015/7xxx/CVE-2015-7910.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-7910",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2015-7910",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body."
"lang": "eng",
"value": "Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-321-01"
}
]
}

86
2016/0xxx/CVE-2016-0110.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0110",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0110",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 10 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-023",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023"
"name": "84021",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84021"
},
{
"name" : "MS16-024",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024"
"name": "1035204",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035204"
},
{
"name" : "84021",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84021"
"name": "MS16-024",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024"
},
{
"name" : "1035203",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035203"
"name": "1035203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035203"
},
{
"name" : "1035204",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035204"
"name": "MS16-023",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023"
}
]
}

74
2016/0xxx/CVE-2016-0190.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0190",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2016-0190",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 does not properly check whether RemoteFX RDP USB disk accesses originate from the user who mounted a disk, which allows local users to read arbitrary files on these disks via RemoteFX requests, aka \"Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability.\""
"lang": "eng",
"value": "Volume Manager Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 does not properly check whether RemoteFX RDP USB disk accesses originate from the user who mounted a disk, which allows local users to read arbitrary files on these disks via RemoteFX requests, aka \"Remote Desktop Protocol Drive Redirection Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS16-067",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-067"
"name": "MS16-067",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-067"
},
{
"name" : "90075",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90075"
"name": "1035844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035844"
},
{
"name" : "1035844",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035844"
"name": "90075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90075"
}
]
}

86
2016/0xxx/CVE-2016-0424.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0424",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-0424",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0422."
"lang": "eng",
"value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via vectors related to Enterprise Infrastructure SEC, a different vulnerability than CVE-2016-0422."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20160825 Onapsis Security Advisory ONAPSIS-2016-012: JD Edwards JDENET function DoS",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/Aug/127"
"name": "1034722",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034722"
},
{
"name" : "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html"
"name": "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138510/JD-Edwards-9.1-EnterpriseOne-Server-Denial-Of-Service.html"
},
{
"name" : "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos",
"refsource" : "MISC",
"url" : "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos"
"name": "20160825 Onapsis Security Advisory ONAPSIS-2016-012: JD Edwards JDENET function DoS",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Aug/127"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"name": "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/jd-edwards-jdenet-type-8-dos"
},
{
"name" : "1034722",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034722"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
}
]
}

68
2016/0xxx/CVE-2016-0820.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-0820",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-0820",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358."
"lang": "eng",
"value": "The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-03-01.html"
"name": "84257",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84257"
},
{
"name" : "84257",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84257"
"name": "http://source.android.com/security/bulletin/2016-03-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-03-01.html"
}
]
}

22
2016/1000xxx/CVE-2016-1000010.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1000010",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1000010",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2016/10xxx/CVE-2016-10420.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2016-10420",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2016-10420",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value" : "MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20"
"version_value": "MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash."
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Buffer Over-Read in Video."
"lang": "eng",
"value": "Buffer Over-Read in Video."
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

70
2016/10xxx/CVE-2016-10499.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2016-10499",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2016-10499",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
"product_name": "Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value" : "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20"
"version_value": "MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, memory leak may occur in the IPSecurity module when repeating IKE-Rekey."
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, memory leak may occur in the IPSecurity module when repeating IKE-Rekey."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Potential Memory leak in Modem"
"lang": "eng",
"value": "Potential Memory leak in Modem"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}

68
2016/1xxx/CVE-2016-1517.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cert@cert.org",
"ID" : "CVE-2016-1517",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2016-1517",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "OpenCV 3.0.0",
"version" : {
"version_data" : [
"product_name": "OpenCV 3.0.0",
"version": {
"version_data": [
{
"version_value" : "OpenCV 3.0.0"
"version_value": "OpenCV 3.0.0"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks."
"lang": "eng",
"value": "OpenCV 3.0.0 allows remote attackers to cause a denial of service (segfault) via vectors involving corrupt chunks."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "DoS"
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://arxiv.org/pdf/1701.04739.pdf",
"refsource" : "MISC",
"url" : "https://arxiv.org/pdf/1701.04739.pdf"
"name": "https://github.com/opencv/opencv/issues/5956",
"refsource": "MISC",
"url": "https://github.com/opencv/opencv/issues/5956"
},
{
"name" : "https://github.com/opencv/opencv/issues/5956",
"refsource" : "MISC",
"url" : "https://github.com/opencv/opencv/issues/5956"
"name": "https://arxiv.org/pdf/1701.04739.pdf",
"refsource": "MISC",
"url": "https://arxiv.org/pdf/1701.04739.pdf"
}
]
}

116
2016/4xxx/CVE-2016-4171.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4171",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4171",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016."
"lang": "eng",
"value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in June 2016."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html"
"name": "GLSA-201606-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-08"
},
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
"name": "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsa16-03.html"
},
{
"name" : "GLSA-201606-08",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201606-08"
"name": "openSUSE-SU-2016:1625",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
},
{
"name" : "RHSA-2016:1238",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1238"
"name": "VU#748992",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/748992"
},
{
"name" : "SUSE-SU-2016:1613",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
"name": "RHSA-2016:1238",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1238"
},
{
"name" : "openSUSE-SU-2016:1621",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
"name": "openSUSE-SU-2016:1621",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
},
{
"name" : "openSUSE-SU-2016:1625",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
"name": "1036094",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036094"
},
{
"name" : "VU#748992",
"refsource" : "CERT-VN",
"url" : "https://www.kb.cert.org/vuls/id/748992"
"name": "SUSE-SU-2016:1613",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
},
{
"name" : "91184",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91184"
"name": "91184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91184"
},
{
"name" : "1036094",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036094"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
}
]
}

98
2016/4xxx/CVE-2016-4244.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4244",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-4244",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246."
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4245, and CVE-2016-4246."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
"name": "SUSE-SU-2016:1826",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
},
{
"name" : "GLSA-201607-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201607-03"
"name": "GLSA-201607-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-03"
},
{
"name" : "RHSA-2016:1423",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1423"
"name": "openSUSE-SU-2016:1802",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
},
{
"name" : "SUSE-SU-2016:1826",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
"name": "91725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91725"
},
{
"name" : "openSUSE-SU-2016:1802",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
},
{
"name" : "91725",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91725"
"name": "RHSA-2016:1423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1423"
},
{
"name" : "1036280",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036280"
"name": "1036280",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036280"
}
]
}

86
2016/4xxx/CVE-2016-4693.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4693",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4693",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Security\" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"Security\" component, which makes it easier for attackers to bypass cryptographic protection mechanisms by leveraging use of the 3DES cipher."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207422",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207422"
"name": "https://support.apple.com/HT207487",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207487"
},
{
"name" : "https://support.apple.com/HT207423",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207423"
"name": "https://support.apple.com/HT207422",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207422"
},
{
"name" : "https://support.apple.com/HT207487",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207487"
"name": "94905",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94905"
},
{
"name" : "94905",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94905"
"name": "1037469",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037469"
},
{
"name" : "1037469",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037469"
"name": "https://support.apple.com/HT207423",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207423"
}
]
}

116
2016/4xxx/CVE-2016-4725.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2016-4725",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-4725",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site."
"lang": "eng",
"value": "IOAcceleratorFamily in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (memory corruption) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207141",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207141"
"name": "https://support.apple.com/HT207141",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207141"
},
{
"name" : "https://support.apple.com/HT207142",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207142"
"name": "1036858",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036858"
},
{
"name" : "https://support.apple.com/HT207143",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207143"
"name": "APPLE-SA-2016-09-20",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
},
{
"name" : "https://support.apple.com/HT207170",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207170"
"name": "APPLE-SA-2016-09-20-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
},
{
"name" : "APPLE-SA-2016-09-20",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
"name": "APPLE-SA-2016-09-20-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html"
},
{
"name" : "APPLE-SA-2016-09-20-3",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
"name": "APPLE-SA-2016-09-20-6",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"
},
{
"name" : "APPLE-SA-2016-09-20-5",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html"
"name": "93054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93054"
},
{
"name" : "APPLE-SA-2016-09-20-6",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
},
{
"name" : "93054",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93054"
"name": "https://support.apple.com/HT207142",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207142"
},
{
"name" : "1036858",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036858"
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
}
]
}

80
2016/4xxx/CVE-2016-4870.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-4870",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4870",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function."
"lang": "eng",
"value": "Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the Schedule function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.cybozu.com/ja-jp/article/9427",
"refsource" : "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/9427"
"name": "93281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93281"
},
{
"name" : "JVN#06726266",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN06726266/index.html"
"name": "https://support.cybozu.com/ja-jp/article/9427",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/9427"
},
{
"name" : "JVNDB-2016-000186",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000186.html"
"name": "JVNDB-2016-000186",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000186.html"
},
{
"name" : "93281",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93281"
"name": "JVN#06726266",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN06726266/index.html"
}
]
}

22
2019/3xxx/CVE-2019-3297.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3297",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3297",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3493.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3493",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3493",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/3xxx/CVE-2019-3925.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-3925",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-3925",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4080.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4080",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4080",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4270.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4270",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4270",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4738.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4738",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4738",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/4xxx/CVE-2019-4989.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4989",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4989",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6274.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6274",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6274",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6642.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6642",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6642",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/6xxx/CVE-2019-6808.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-6808",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6808",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2019/7xxx/CVE-2019-7402.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7402",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7402",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfg&#95;qqcode parameter. This can be exploited via CSRF."
"lang": "eng",
"value": "An issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfg&#95;qqcode parameter. This can be exploited via CSRF."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/panghusec/exploit/issues/8",
"refsource" : "MISC",
"url" : "https://github.com/panghusec/exploit/issues/8"
"name": "https://github.com/panghusec/exploit/issues/8",
"refsource": "MISC",
"url": "https://github.com/panghusec/exploit/issues/8"
}
]
}

68
2019/7xxx/CVE-2019-7677.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7677",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7677",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888."
"lang": "eng",
"value": "XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt",
"refsource" : "MISC",
"url" : "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
"name": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS-exp.txt"
},
{
"name" : "https://github.com/pudding2/enphase-energy/blob/master/XSS.png",
"refsource" : "MISC",
"url" : "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
"name": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png",
"refsource": "MISC",
"url": "https://github.com/pudding2/enphase-energy/blob/master/XSS.png"
}
]
}

62
2019/7xxx/CVE-2019-7702.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7702",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7702",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as."
"lang": "eng",
"value": "A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/WebAssembly/binaryen/issues/1867",
"refsource" : "MISC",
"url" : "https://github.com/WebAssembly/binaryen/issues/1867"
"name": "https://github.com/WebAssembly/binaryen/issues/1867",
"refsource": "MISC",
"url": "https://github.com/WebAssembly/binaryen/issues/1867"
}
]
}

22
2019/7xxx/CVE-2019-7982.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-7982",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7982",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8289.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8289",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8289",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/8xxx/CVE-2019-8783.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-8783",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-8783",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2019/9xxx/CVE-2019-9035.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9035",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9035",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField() in mat5.c."
"lang": "eng",
"value": "An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField() in mat5.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/TeamSeri0us/pocs/tree/master/matio",
"refsource" : "MISC",
"url" : "https://github.com/TeamSeri0us/pocs/tree/master/matio"
"name": "https://github.com/tbeu/matio/issues/103",
"refsource": "MISC",
"url": "https://github.com/tbeu/matio/issues/103"
},
{
"name" : "https://github.com/tbeu/matio/issues/103",
"refsource" : "MISC",
"url" : "https://github.com/tbeu/matio/issues/103"
"name": "https://github.com/TeamSeri0us/pocs/tree/master/matio",
"refsource": "MISC",
"url": "https://github.com/TeamSeri0us/pocs/tree/master/matio"
}
]
}

22
2019/9xxx/CVE-2019-9140.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9140",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9140",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2019/9xxx/CVE-2019-9523.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-9523",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-9523",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}