admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:42:41 +00:00
parent d695fd4838
commit 6943f9fa1c
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
67 changed files with 4325 additions and 4325 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/0xxx/CVE-1999-0005.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0005",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Arbitrary command execution via IMAP buffer overflow in authenticate command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "00177",
"refsource" : "SUN",
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/177"
},
{
"name" : "130",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/130"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary command execution via IMAP buffer overflow in authenticate command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/130"
},
{
"name": "00177",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/177"
}
]
}
}

130
1999/0xxx/CVE-1999-0390.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0390",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Dosemu Slang library in Linux."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "CSSA-1999-006.1",
"refsource" : "CALDERA",
"url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt"
},
{
"name" : "187",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/187"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Dosemu Slang library in Linux."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CSSA-1999-006.1",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-006.1.txt"
},
{
"name": "187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/187"
}
]
}
}

34
1999/0xxx/CVE-1999-0644.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0644",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The NNTP news service is running.\""
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-1999-0644",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The NNTP news service is running.\""
}
]
}
}

130
1999/1xxx/CVE-1999-1211.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1211",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "CA-1991-02",
"refsource" : "CERT",
"url" : "http://www.cert.org/advisories/CA-1991-02.html"
},
{
"name" : "sun-intelnetd(574)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/574"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sun-intelnetd(574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/574"
},
{
"name": "CA-1991-02",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1991-02.html"
}
]
}
}

140
1999/1xxx/CVE-1999-1290.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1290",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19981117 nftp vulnerability (fwd)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=91127951426494&w=2"
},
{
"name" : "http://www.ayukov.com/nftp/history.html",
"refsource" : "CONFIRM",
"url" : "http://www.ayukov.com/nftp/history.html"
},
{
"name" : "nftp-bo(1397)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1397"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19981117 nftp vulnerability (fwd)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=91127951426494&w=2"
},
{
"name": "nftp-bo(1397)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1397"
},
{
"name": "http://www.ayukov.com/nftp/history.html",
"refsource": "CONFIRM",
"url": "http://www.ayukov.com/nftp/history.html"
}
]
}
}

140
1999/1xxx/CVE-1999-1541.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1541",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1541",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19991004",
"refsource" : "L0PHT",
"url" : "http://www.atstake.com/research/advisories/1999/shell-lock.txt"
},
{
"name" : "19991005 Cactus Software's shell-lock",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=93916168802365&w=2"
},
{
"name" : "cactus-shell-lock-root-privs(3358)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3358"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991005 Cactus Software's shell-lock",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=93916168802365&w=2"
},
{
"name": "19991004",
"refsource": "L0PHT",
"url": "http://www.atstake.com/research/advisories/1999/shell-lock.txt"
},
{
"name": "cactus-shell-lock-root-privs(3358)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3358"
}
]
}
}

140
2000/0xxx/CVE-2000-0239.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0239",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000315 Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=95325335825295&w=2"
},
{
"name" : "http://www.ussrback.com/labs36.html",
"refsource" : "MISC",
"url" : "http://www.ussrback.com/labs36.html"
},
{
"name" : "1056",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1056"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000315 Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=95325335825295&w=2"
},
{
"name": "1056",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1056"
},
{
"name": "http://www.ussrback.com/labs36.html",
"refsource": "MISC",
"url": "http://www.ussrback.com/labs36.html"
}
]
}
}

150
2000/0xxx/CVE-2000-0317.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0317",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000424 Solaris 7 x86 lpset exploit.",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0192.html"
},
{
"name" : "20000426 Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0236.html"
},
{
"name" : "20000427 Re: Solaris/SPARC 2.7 lpset exploit (well not likely !)",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=95729763119559&w=2"
},
{
"name" : "1138",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1138"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000427 Re: Solaris/SPARC 2.7 lpset exploit (well not likely !)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=95729763119559&w=2"
},
{
"name": "1138",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1138"
},
{
"name": "20000426 Re: Solaris Sparc 2.6 & 7 lp/lpset/lpstat root compromise exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0236.html"
},
{
"name": "20000424 Solaris 7 x86 lpset exploit.",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0192.html"
}
]
}
}

170
2000/0xxx/CVE-2000-0390.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0390",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html"
},
{
"name" : "CA-2000-06",
"refsource" : "CERT",
"url" : "http://www.cert.org/advisories/CA-2000-06.html"
},
{
"name" : "FreeBSD-SA-00:20",
"refsource" : "FREEBSD",
"url" : "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html"
},
{
"name" : "RHSA-2000:025",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2000-025.html"
},
{
"name" : "1220",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1220"
},
{
"name" : "4884",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/4884"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:20",
"refsource": "FREEBSD",
"url": "http://archives.neohapsis.com/archives/freebsd/2000-05/0295.html"
},
{
"name": "RHSA-2000:025",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-025.html"
},
{
"name": "4884",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4884"
},
{
"name": "CA-2000-06",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-06.html"
},
{
"name": "20000516 BUFFER OVERRUN VULNERABILITIES IN KERBEROS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0184.html"
},
{
"name": "1220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1220"
}
]
}
}

150
2000/0xxx/CVE-2000-0401.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0401",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0401",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000525 Alert: PDG Cart Overflows",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=95928319715983&w=2"
},
{
"name" : "20000525 Alert: PDG Cart Overflows",
"refsource" : "NTBUGTRAQ",
"url" : "http://marc.info/?l=ntbugtraq&m=95928667119963&w=2"
},
{
"name" : "http://www.pdgsoft.com/Security/security2.html",
"refsource" : "CONFIRM",
"url" : "http://www.pdgsoft.com/Security/security2.html"
},
{
"name" : "1256",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1256"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1256"
},
{
"name": "20000525 Alert: PDG Cart Overflows",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=95928319715983&w=2"
},
{
"name": "http://www.pdgsoft.com/Security/security2.html",
"refsource": "CONFIRM",
"url": "http://www.pdgsoft.com/Security/security2.html"
},
{
"name": "20000525 Alert: PDG Cart Overflows",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=95928667119963&w=2"
}
]
}
}

120
2000/0xxx/CVE-2000-0831.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0831",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000912 DST2K0027: DoS in Faststream FTP++ 2.0",
"refsource" : "WIN2KSEC",
"url" : "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0109.html"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000912 DST2K0027: DoS in Faststream FTP++ 2.0",
"refsource": "WIN2KSEC",
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0109.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0838.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0838",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000914 DST2K0028: DoS in FUR HTTP Server v1.0b",
"refsource" : "WIN2KSEC",
"url" : "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0111.html"
},
{
"name" : "fur-get-dos(5237)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5237"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fur-get-dos(5237)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5237"
},
{
"name": "20000914 DST2K0028: DoS in FUR HTTP Server v1.0b",
"refsource": "WIN2KSEC",
"url": "http://archives.neohapsis.com/archives/win2ksecadvice/2000-q3/0111.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0932.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0932",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000926 FW: DOS for Content Technologies' MAILsweeper for SMTP.",
"refsource" : "NTBUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0181.html"
},
{
"name" : "mailsweeper-smtp-dos(5641)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5641"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, which allows remote attackers to cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000926 FW: DOS for Content Technologies' MAILsweeper for SMTP.",
"refsource": "NTBUGTRAQ",
"url": "http://archives.neohapsis.com/archives/ntbugtraq/2000-q3/0181.html"
},
{
"name": "mailsweeper-smtp-dos(5641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5641"
}
]
}
}

140
2000/0xxx/CVE-2000-0998.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-0998",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in top program allows local attackers to gain root privileges via the \"kill\" or \"renice\" function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch",
"refsource" : "MISC",
"url" : "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"name" : "FreeBSD-SA-00:62",
"refsource" : "FREEBSD",
"url" : "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc"
},
{
"name" : "1895",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1895"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in top program allows local attackers to gain root privileges via the \"kill\" or \"renice\" function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1895",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1895"
},
{
"name": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch",
"refsource": "MISC",
"url": "ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/028_format_strings.patch"
},
{
"name": "FreeBSD-SA-00:62",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:62.top.v1.1.asc"
}
]
}
}

130
2000/1xxx/CVE-2000-1125.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-1125",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20001104 Redhat 6.2 restore exploit",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=97336034309944&w=2"
},
{
"name" : "1914",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1914"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1914",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1914"
},
{
"name": "20001104 Redhat 6.2 restore exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=97336034309944&w=2"
}
]
}
}

150
2005/2xxx/CVE-2005-2774.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2774",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the nickname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2774",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050825 Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112500372617684&w=2"
},
{
"name" : "14664",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14664"
},
{
"name" : "16585",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16585/"
},
{
"name" : "quake-nickname-format-string(22013)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22013"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the nickname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14664",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14664"
},
{
"name": "20050825 Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln?",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112500372617684&w=2"
},
{
"name": "16585",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16585/"
},
{
"name": "quake-nickname-format-string(22013)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22013"
}
]
}
}

160
2005/2xxx/CVE-2005-2961.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2961",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@debian.org",
"ID": "CVE-2005-2961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "DSA-834",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-834"
},
{
"name" : "14993",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14993"
},
{
"name" : "17021",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17021/"
},
{
"name" : "17035",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17035"
},
{
"name" : "prozilla-ftpsearch-bo(22491)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22491"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response with a crafted string in the HREF field of an <A> tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-834",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-834"
},
{
"name": "17035",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17035"
},
{
"name": "14993",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14993"
},
{
"name": "17021",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17021/"
},
{
"name": "prozilla-ftpsearch-bo(22491)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22491"
}
]
}
}

120
2007/1xxx/CVE-2007-1169.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1169",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1169",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.trendmicro.com/download/product.asp?productid=20",
"refsource" : "CONFIRM",
"url" : "http://www.trendmicro.com/download/product.asp?productid=20"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web interface in Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before 20070216 accepts logon requests through unencrypted HTTP, which might allow remote attackers to obtain credentials by sniffing the network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trendmicro.com/download/product.asp?productid=20",
"refsource": "CONFIRM",
"url": "http://www.trendmicro.com/download/product.asp?productid=20"
}
]
}
}

180
2007/1xxx/CVE-2007-1925.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1925",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012",
"refsource" : "CONFIRM",
"url" : "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012"
},
{
"name" : "http://truzone.org/modules.php?name=News&file=article&sid=1613",
"refsource" : "CONFIRM",
"url" : "http://truzone.org/modules.php?name=News&file=article&sid=1613"
},
{
"name" : "23354",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/23354"
},
{
"name" : "ADV-2007-1285",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1285"
},
{
"name" : "34665",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34665"
},
{
"name" : "24800",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24800"
},
{
"name" : "nukeet-youraccount-data-manipulation(33483)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33483"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1285",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1285"
},
{
"name": "23354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23354"
},
{
"name": "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012",
"refsource": "CONFIRM",
"url": "http://truzone.org/modules.php?name=Forums&file=viewtopic&p=287012"
},
{
"name": "nukeet-youraccount-data-manipulation(33483)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33483"
},
{
"name": "http://truzone.org/modules.php?name=News&file=article&sid=1613",
"refsource": "CONFIRM",
"url": "http://truzone.org/modules.php?name=News&file=article&sid=1613"
},
{
"name": "24800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24800"
},
{
"name": "34665",
"refsource": "OSVDB",
"url": "http://osvdb.org/34665"
}
]
}
}

250
2007/5xxx/CVE-2007-5305.json
View File

@ -1,127 +1,127 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5305",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) enregistrement.php, (e) commentaire.php, and (f) coeurusr.php in utilisateurs/, and (g) articles/fonctions.php and (h) depot/fonctions.php in moduleajouter/; the (3) corpsdesign parameter to (i) articles/usrarticles.php and (j) depot/usrdepot.php in moduleajouter/; and possibly other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5305",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071006 Else If cms Multiple Remote vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/481683/100/0/threaded"
},
{
"name" : "25951",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25951"
},
{
"name" : "38649",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38649"
},
{
"name" : "38650",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38650"
},
{
"name" : "38651",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38651"
},
{
"name" : "38652",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38652"
},
{
"name" : "38653",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38653"
},
{
"name" : "38654",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38654"
},
{
"name" : "38655",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38655"
},
{
"name" : "38656",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38656"
},
{
"name" : "38657",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38657"
},
{
"name" : "38658",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/38658"
},
{
"name" : "3204",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3204"
},
{
"name" : "elseif-multiple-file-include(37011)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37011"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in ELSEIF CMS Beta 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the (1) contenus parameter to (a) contenus.php; the (2) tpelseifportalrepertoire parameter to (b) votes.php, (c) espaceperso.php, (d) enregistrement.php, (e) commentaire.php, and (f) coeurusr.php in utilisateurs/, and (g) articles/fonctions.php and (h) depot/fonctions.php in moduleajouter/; the (3) corpsdesign parameter to (i) articles/usrarticles.php and (j) depot/usrdepot.php in moduleajouter/; and possibly other files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38656",
"refsource": "OSVDB",
"url": "http://osvdb.org/38656"
},
{
"name": "38649",
"refsource": "OSVDB",
"url": "http://osvdb.org/38649"
},
{
"name": "38651",
"refsource": "OSVDB",
"url": "http://osvdb.org/38651"
},
{
"name": "38653",
"refsource": "OSVDB",
"url": "http://osvdb.org/38653"
},
{
"name": "25951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25951"
},
{
"name": "38652",
"refsource": "OSVDB",
"url": "http://osvdb.org/38652"
},
{
"name": "38658",
"refsource": "OSVDB",
"url": "http://osvdb.org/38658"
},
{
"name": "38654",
"refsource": "OSVDB",
"url": "http://osvdb.org/38654"
},
{
"name": "38650",
"refsource": "OSVDB",
"url": "http://osvdb.org/38650"
},
{
"name": "38655",
"refsource": "OSVDB",
"url": "http://osvdb.org/38655"
},
{
"name": "20071006 Else If cms Multiple Remote vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481683/100/0/threaded"
},
{
"name": "elseif-multiple-file-include(37011)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37011"
},
{
"name": "3204",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3204"
},
{
"name": "38657",
"refsource": "OSVDB",
"url": "http://osvdb.org/38657"
}
]
}
}

160
2007/5xxx/CVE-2007-5439.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5439",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5439",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071010 [ELEYTT] 10PAZDZIERNIK2007",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
},
{
"name" : "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf",
"refsource" : "MISC",
"url" : "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
},
{
"name" : "26012",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26012"
},
{
"name" : "43487",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/43487"
},
{
"name" : "3219",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3219"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 stores sensitive user information in log files with predictable names, which allows remote attackers to obtain this information via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3219",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3219"
},
{
"name": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf",
"refsource": "MISC",
"url": "http://www.eleytt.com/advisories/eleytt_ETRUSTITM1.pdf"
},
{
"name": "26012",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26012"
},
{
"name": "43487",
"refsource": "OSVDB",
"url": "http://osvdb.org/43487"
},
{
"name": "20071010 [ELEYTT] 10PAZDZIERNIK2007",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482021/100/0/threaded"
}
]
}
}

160
2007/5xxx/CVE-2007-5572.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5572",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow remote attackers to perform delete actions as administrators via (1) the block_id parameter to add_block.php or (2) the link_id parameter to add_link.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5572",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071017 Multiple CSRF in SimplePHPBlog",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482422/100/0/threaded"
},
{
"name" : "http://hackish.altervista.org/forum/viewtopic.php?t=221",
"refsource" : "MISC",
"url" : "http://hackish.altervista.org/forum/viewtopic.php?t=221"
},
{
"name" : "27264",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27264"
},
{
"name" : "simplephpblog-addblock-csrf(37238)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37238"
},
{
"name" : "simplephpblog-addlink-csrf(37239)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37239"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 allow remote attackers to perform delete actions as administrators via (1) the block_id parameter to add_block.php or (2) the link_id parameter to add_link.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "simplephpblog-addlink-csrf(37239)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37239"
},
{
"name": "simplephpblog-addblock-csrf(37238)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37238"
},
{
"name": "http://hackish.altervista.org/forum/viewtopic.php?t=221",
"refsource": "MISC",
"url": "http://hackish.altervista.org/forum/viewtopic.php?t=221"
},
{
"name": "20071017 Multiple CSRF in SimplePHPBlog",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482422/100/0/threaded"
},
{
"name": "27264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27264"
}
]
}
}

230
2007/5xxx/CVE-2007-5631.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5631",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) NewestGroupsModule/NewestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071111 PeopleAggregatory security advisory - re CVE-2007-5631",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/483571/100/0/threaded"
},
{
"name" : "4551",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4551"
},
{
"name" : "http://www.myelin.co.nz/post/2007/11/12/#200711121",
"refsource" : "CONFIRM",
"url" : "http://www.myelin.co.nz/post/2007/11/12/#200711121"
},
{
"name" : "26147",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/26147"
},
{
"name" : "45495",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45495"
},
{
"name" : "45496",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45496"
},
{
"name" : "45497",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45497"
},
{
"name" : "45498",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45498"
},
{
"name" : "45499",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45499"
},
{
"name" : "45500",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45500"
},
{
"name" : "45501",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/45501"
},
{
"name" : "peopleaggregator-pathprefix-file-include(37349)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37349"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the current_blockmodule_path parameter to (1) AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, (2) ImagesMediaGalleryModule/ImagesMediaGalleryModule.php, (3) MembersFacewallModule/MembersFacewallModule.php, (4) NewestGroupsModule/NewestGroupsModule.php, (5) UploadMediaModule/UploadMediaModule.php, and (6) VideosMediaGalleryModule/VideosMediaGalleryModule.php in BetaBlockModules/; and (7) the path_prefix parameter to several components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45496",
"refsource": "OSVDB",
"url": "http://osvdb.org/45496"
},
{
"name": "26147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26147"
},
{
"name": "20071111 PeopleAggregatory security advisory - re CVE-2007-5631",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483571/100/0/threaded"
},
{
"name": "45495",
"refsource": "OSVDB",
"url": "http://osvdb.org/45495"
},
{
"name": "45501",
"refsource": "OSVDB",
"url": "http://osvdb.org/45501"
},
{
"name": "45500",
"refsource": "OSVDB",
"url": "http://osvdb.org/45500"
},
{
"name": "4551",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4551"
},
{
"name": "http://www.myelin.co.nz/post/2007/11/12/#200711121",
"refsource": "CONFIRM",
"url": "http://www.myelin.co.nz/post/2007/11/12/#200711121"
},
{
"name": "45499",
"refsource": "OSVDB",
"url": "http://osvdb.org/45499"
},
{
"name": "45497",
"refsource": "OSVDB",
"url": "http://osvdb.org/45497"
},
{
"name": "45498",
"refsource": "OSVDB",
"url": "http://osvdb.org/45498"
},
{
"name": "peopleaggregator-pathprefix-file-include(37349)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37349"
}
]
}
}

160
2007/5xxx/CVE-2007-5766.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5766",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5766",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071031 ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/483098/100/100/threaded"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html"
},
{
"name" : "40080",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/40080"
},
{
"name" : "3344",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3344"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
},
{
"name": "20071031 ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483098/100/100/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-058.html"
},
{
"name": "3344",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3344"
},
{
"name": "40080",
"refsource": "OSVDB",
"url": "http://osvdb.org/40080"
}
]
}
}

130
2007/5xxx/CVE-2007-5833.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5833",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071024 Bosdev Multiple vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/482732/100/0/threaded"
},
{
"name" : "3343",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3343"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System allow remote authenticated users to inject arbitrary web script or HTML via (1) user info (account details) or (2) a post."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071024 Bosdev Multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482732/100/0/threaded"
},
{
"name": "3343",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3343"
}
]
}
}

140
2009/2xxx/CVE-2009-2324.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2324",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20090703 [oCERT-2009-007] FCKeditor input sanitization errors",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/504721/100/0/threaded"
},
{
"name" : "http://www.ocert.org/advisories/ocert-2009-007.html",
"refsource" : "MISC",
"url" : "http://www.ocert.org/advisories/ocert-2009-007.html"
},
{
"name" : "1022513",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1022513"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to inject arbitrary web script or HTML via components in the samples (aka _samples) directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ocert.org/advisories/ocert-2009-007.html",
"refsource": "MISC",
"url": "http://www.ocert.org/advisories/ocert-2009-007.html"
},
{
"name": "1022513",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022513"
},
{
"name": "20090703 [oCERT-2009-007] FCKeditor input sanitization errors",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504721/100/0/threaded"
}
]
}
}

160
2009/2xxx/CVE-2009-2459.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2459",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \\environ, (2) \\input, and (3) \\counter TeX directives."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://scary.beasts.org/security/CESA-2009-009.html",
"refsource" : "MISC",
"url" : "http://scary.beasts.org/security/CESA-2009-009.html"
},
{
"name" : "FEDORA-2010-6546",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html"
},
{
"name" : "35752",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35752"
},
{
"name" : "ADV-2009-1875",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1875"
},
{
"name" : "ADV-2010-0877",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/0877"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \\environ, (2) \\input, and (3) \\counter TeX directives."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1875",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1875"
},
{
"name": "35752",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35752"
},
{
"name": "ADV-2010-0877",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0877"
},
{
"name": "http://scary.beasts.org/security/CESA-2009-009.html",
"refsource": "MISC",
"url": "http://scary.beasts.org/security/CESA-2009-009.html"
},
{
"name": "FEDORA-2010-6546",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html"
}
]
}
}

160
2015/3xxx/CVE-2015-3162.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3162",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the edit comment dialog in bkr/server/widgets.py in Beaker 20.1 allows remote authenticated users to inject arbitrary web script or HTML via writing a crafted comment on an acked or nacked canceled job."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3162",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150507 beaker vulns fixed in version 20.1",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/05/08/1"
},
{
"name" : "https://bugzilla.redhat.com/attachment.cgi?id=1021565",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/attachment.cgi?id=1021565"
},
{
"name" : "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes",
"refsource" : "CONFIRM",
"url" : "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1215030",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1215030"
},
{
"name" : "74568",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74568"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the edit comment dialog in bkr/server/widgets.py in Beaker 20.1 allows remote authenticated users to inject arbitrary web script or HTML via writing a crafted comment on an acked or nacked canceled job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150507 beaker vulns fixed in version 20.1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/08/1"
},
{
"name": "74568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74568"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1215030",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1215030"
},
{
"name": "https://bugzilla.redhat.com/attachment.cgi?id=1021565",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=1021565"
},
{
"name": "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes",
"refsource": "CONFIRM",
"url": "https://beaker-project.org/docs/whats-new/release-20.html#bug-fixes"
}
]
}
}

460
2015/3xxx/CVE-2015-3183.json
View File

@ -1,232 +1,232 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3183",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-3183",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource" : "CONFIRM",
"url" : "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name" : "http://www.apache.org/dist/httpd/CHANGES_2.4",
"refsource" : "CONFIRM",
"url" : "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"name" : "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
"refsource" : "CONFIRM",
"url" : "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
},
{
"name" : "https://support.apple.com/kb/HT205031",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/kb/HT205031"
},
{
"name" : "https://support.apple.com/HT205219",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT205219"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735"
},
{
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
"refsource" : "CONFIRM",
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
},
{
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"refsource" : "CONFIRM",
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
},
{
"name" : "https://puppet.com/security/cve/CVE-2015-3183",
"refsource" : "CONFIRM",
"url" : "https://puppet.com/security/cve/CVE-2015-3183"
},
{
"name" : "APPLE-SA-2015-08-13-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name" : "APPLE-SA-2015-09-16-4",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
},
{
"name" : "DSA-3325",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3325"
},
{
"name" : "GLSA-201610-02",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-02"
},
{
"name" : "HPSBUX03512",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2"
},
{
"name" : "SSRT102254",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=144493176821532&w=2"
},
{
"name" : "RHSA-2016:0062",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
},
{
"name" : "RHSA-2016:0061",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
},
{
"name" : "RHSA-2015:2659",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2015:2659"
},
{
"name" : "RHSA-2015:2660",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2015:2660"
},
{
"name" : "RHSA-2015:2661",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
},
{
"name" : "RHSA-2015:1667",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
},
{
"name" : "RHSA-2015:1668",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
},
{
"name" : "RHSA-2015:1666",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
},
{
"name" : "RHSA-2016:2054",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
},
{
"name" : "RHSA-2016:2055",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
},
{
"name" : "RHSA-2016:2056",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name" : "openSUSE-SU-2015:1684",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"name" : "USN-2686-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2686-1"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "75963",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75963"
},
{
"name" : "1032967",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032967"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX03512",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"
},
{
"name": "RHSA-2016:2056",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2056.html"
},
{
"name": "openSUSE-SU-2015:1684",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00011.html"
},
{
"name": "http://httpd.apache.org/security/vulnerabilities_24.html",
"refsource": "CONFIRM",
"url": "http://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "RHSA-2016:0061",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0061.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "GLSA-201610-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-02"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "RHSA-2015:1667",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1667.html"
},
{
"name": "RHSA-2016:0062",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0062.html"
},
{
"name": "http://www.apache.org/dist/httpd/CHANGES_2.4",
"refsource": "CONFIRM",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.4"
},
{
"name": "RHSA-2015:1666",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
},
{
"name": "1032967",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032967"
},
{
"name": "RHSA-2015:1668",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1668.html"
},
{
"name": "RHSA-2015:2661",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2661.html"
},
{
"name": "RHSA-2016:2055",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2055.html"
},
{
"name": "USN-2686-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2686-1"
},
{
"name": "SSRT102254",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=144493176821532&w=2"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "75963",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75963"
},
{
"name": "DSA-3325",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3325"
},
{
"name": "RHSA-2015:2659",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2015:2659"
},
{
"name": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73",
"refsource": "CONFIRM",
"url": "https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73"
},
{
"name": "https://puppet.com/security/cve/CVE-2015-3183",
"refsource": "CONFIRM",
"url": "https://puppet.com/security/cve/CVE-2015-3183"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2015:2660",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2015:2660"
},
{
"name": "RHSA-2016:2054",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2054.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
},
{
"name": "APPLE-SA-2015-09-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
},
{
"name": "https://support.apple.com/HT205219",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205219"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}

34
2015/3xxx/CVE-2015-3514.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3514",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3514",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

160
2015/3xxx/CVE-2015-3886.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3886",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3886",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150512 CVE request: libinfinity did not correctly check certificates for validity",
"refsource" : "MLIST",
"url" : "http://seclists.org/oss-sec/2015/q2/410"
},
{
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601",
"refsource" : "CONFIRM",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1221266",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1221266"
},
{
"name" : "https://github.com/gobby/gobby/issues/61",
"refsource" : "CONFIRM",
"url" : "https://github.com/gobby/gobby/issues/61"
},
{
"name" : "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706",
"refsource" : "CONFIRM",
"url" : "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1221266",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1221266"
},
{
"name": "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706",
"refsource": "CONFIRM",
"url": "https://github.com/gobby/libinfinity/commit/c97f870f5ae13112988d9f8ad464b4f679903706"
},
{
"name": "[oss-security] 20150512 CVE request: libinfinity did not correctly check certificates for validity",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2015/q2/410"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783601"
},
{
"name": "https://github.com/gobby/gobby/issues/61",
"refsource": "CONFIRM",
"url": "https://github.com/gobby/gobby/issues/61"
}
]
}
}

120
2015/3xxx/CVE-2015-3913.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3913",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3913",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm",
"refsource" : "CONFIRM",
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-427449.htm"
}
]
}
}

130
2015/4xxx/CVE-2015-4252.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4252",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150709 Cisco TelePresence ISDN Gateway Software Cross-Site Request Forgery Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39795"
},
{
"name" : "1032838",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032838"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032838",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032838"
},
{
"name": "20150709 Cisco TelePresence ISDN Gateway Software Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39795"
}
]
}
}

34
2015/4xxx/CVE-2015-4326.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4326",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4326",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

270
2015/4xxx/CVE-2015-4485.json
View File

@ -1,137 +1,137 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4485",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2015-4485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "GLSA-201605-06",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201605-06"
},
{
"name" : "RHSA-2015:1586",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1586.html"
},
{
"name" : "openSUSE-SU-2015:1389",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html"
},
{
"name" : "openSUSE-SU-2015:1390",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html"
},
{
"name" : "SUSE-SU-2015:2081",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
},
{
"name" : "SUSE-SU-2015:1449",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"name" : "openSUSE-SU-2015:1453",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html"
},
{
"name" : "openSUSE-SU-2015:1454",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html"
},
{
"name" : "SUSE-SU-2015:1528",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html"
},
{
"name" : "USN-2702-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2702-1"
},
{
"name" : "USN-2702-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2702-2"
},
{
"name" : "USN-2702-3",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2702-3"
},
{
"name" : "1033247",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033247"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via malformed WebM video data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:2081",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1177948"
},
{
"name": "openSUSE-SU-2015:1454",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html"
},
{
"name": "USN-2702-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2702-3"
},
{
"name": "openSUSE-SU-2015:1389",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html"
},
{
"name": "openSUSE-SU-2015:1453",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html"
},
{
"name": "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-89.html"
},
{
"name": "RHSA-2015:1586",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1586.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "SUSE-SU-2015:1528",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html"
},
{
"name": "1033247",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033247"
},
{
"name": "USN-2702-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2702-2"
},
{
"name": "USN-2702-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2702-1"
},
{
"name": "GLSA-201605-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-06"
},
{
"name": "SUSE-SU-2015:1449",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html"
},
{
"name": "openSUSE-SU-2015:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html"
}
]
}
}

290
2015/4xxx/CVE-2015-4861.json
View File

@ -1,147 +1,147 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4861",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4861",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name" : "DSA-3385",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3385"
},
{
"name" : "DSA-3377",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3377"
},
{
"name" : "FEDORA-2016-e30164d0a2",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html"
},
{
"name" : "RHSA-2016:0534",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0534.html"
},
{
"name" : "RHSA-2016:0705",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
},
{
"name" : "RHSA-2016:1132",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2016:1132"
},
{
"name" : "RHSA-2016:1480",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
},
{
"name" : "RHSA-2016:1481",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html"
},
{
"name" : "SUSE-SU-2016:0296",
"refsource" : "SUSE",
"url" : "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html"
},
{
"name" : "openSUSE-SU-2016:0368",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html"
},
{
"name" : "openSUSE-SU-2015:2244",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html"
},
{
"name" : "openSUSE-SU-2015:2246",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html"
},
{
"name" : "USN-2781-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2781-1"
},
{
"name" : "77137",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77137"
},
{
"name" : "1033894",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033894"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:2244",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html"
},
{
"name": "RHSA-2016:1481",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html"
},
{
"name": "1033894",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033894"
},
{
"name": "RHSA-2016:1132",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1132"
},
{
"name": "RHSA-2016:0534",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html"
},
{
"name": "USN-2781-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2781-1"
},
{
"name": "SUSE-SU-2016:0296",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "RHSA-2016:1480",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
},
{
"name": "openSUSE-SU-2015:2246",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html"
},
{
"name": "DSA-3385",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3385"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2016:0368",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html"
},
{
"name": "77137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77137"
},
{
"name": "DSA-3377",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3377"
},
{
"name": "RHSA-2016:0705",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
},
{
"name": "FEDORA-2016-e30164d0a2",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html"
}
]
}
}

180
2015/8xxx/CVE-2015-8062.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8062",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2015-8062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"name" : "GLSA-201601-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201601-03"
},
{
"name" : "SUSE-SU-2015:2236",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
},
{
"name" : "SUSE-SU-2015:2247",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
},
{
"name" : "openSUSE-SU-2015:2239",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
},
{
"name" : "78715",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78715"
},
{
"name" : "1034318",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034318"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:2239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
},
{
"name": "78715",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78715"
},
{
"name": "SUSE-SU-2015:2236",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
},
{
"name": "SUSE-SU-2015:2247",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
},
{
"name": "1034318",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034318"
},
{
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
}
]
}
}

140
2015/8xxx/CVE-2015-8079.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8079",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-8079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20151105 Re: CVE request: qt5-qtwebkit records visited URLS in private browsing",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/11/05/4"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1204795",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1204795"
},
{
"name" : "https://codereview.qt-project.org/#/c/108936/",
"refsource" : "CONFIRM",
"url" : "https://codereview.qt-project.org/#/c/108936/"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1204795",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1204795"
},
{
"name": "[oss-security] 20151105 Re: CVE request: qt5-qtwebkit records visited URLS in private browsing",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/11/05/4"
},
{
"name": "https://codereview.qt-project.org/#/c/108936/",
"refsource": "CONFIRM",
"url": "https://codereview.qt-project.org/#/c/108936/"
}
]
}
}

34
2015/8xxx/CVE-2015-8293.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8293",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-8293",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

170
2015/8xxx/CVE-2015-8950.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8950",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-8950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5"
},
{
"name" : "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource" : "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
},
{
"name" : "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5"
},
{
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8",
"refsource" : "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8"
},
{
"name" : "93318",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93318"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8"
},
{
"name": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93318"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5"
}
]
}
}

132
2015/9xxx/CVE-2015-9211.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2015-9211",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
{
"version_value" : "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while provising the Playready module, a buffer overread may occur if the message passed is large."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer overread vulnerability in Playready"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2015-9211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while provising the Playready module, a buffer overread may occur if the message passed is large."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overread vulnerability in Playready"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

150
2016/1xxx/CVE-2016-1038.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1038",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1038",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-292",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-292"
},
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"name" : "90517",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/90517"
},
{
"name" : "1035828",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035828"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1039, CVE-2016-1040, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-292",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-292"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "90517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90517"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}

140
2016/1xxx/CVE-2016-1275.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1275",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-1275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750",
"refsource" : "CONFIRM",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750"
},
{
"name" : "91758",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91758"
},
{
"name" : "1036301",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036301"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036301",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036301"
},
{
"name": "91758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91758"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10750"
}
]
}
}

160
2016/1xxx/CVE-2016-1758.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1758",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2016-1758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://support.apple.com/HT206166",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206166"
},
{
"name" : "https://support.apple.com/HT206167",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT206167"
},
{
"name" : "APPLE-SA-2016-03-21-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"name" : "APPLE-SA-2016-03-21-5",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name" : "1035353",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035353"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to obtain sensitive memory-layout information or cause a denial of service (out-of-bounds read) via a crafted app."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "APPLE-SA-2016-03-21-5",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name": "https://support.apple.com/HT206167",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206167"
},
{
"name": "1035353",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035353"
},
{
"name": "APPLE-SA-2016-03-21-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"name": "https://support.apple.com/HT206166",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206166"
}
]
}
}

170
2016/5xxx/CVE-2016-5199.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2016-5199",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android",
"version" : {
"version_data" : [
{
"version_value" : "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "off by one error"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2016-5199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android",
"version": {
"version_data": [
{
"version_value": "Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html"
},
{
"name" : "https://crbug.com/643948",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/643948"
},
{
"name" : "GLSA-201611-16",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201611-16"
},
{
"name" : "RHSA-2016:2718",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2718.html"
},
{
"name" : "94196",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94196"
},
{
"name" : "1037273",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037273"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted video file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "off by one error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037273",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037273"
},
{
"name": "GLSA-201611-16",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201611-16"
},
{
"name": "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/11/stable-channel-update-for-desktop_9.html"
},
{
"name": "94196",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94196"
},
{
"name": "https://crbug.com/643948",
"refsource": "CONFIRM",
"url": "https://crbug.com/643948"
},
{
"name": "RHSA-2016:2718",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2718.html"
}
]
}
}

240
2016/5xxx/CVE-2016-5284.json
View File

@ -1,122 +1,122 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5284",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-5284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[dailydave] 20160915 Deep down the certificate pinning rabbit hole of \"Tor Browser Exposed\"",
"refsource" : "MLIST",
"url" : "http://seclists.org/dailydave/2016/q3/51"
},
{
"name" : "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95",
"refsource" : "MISC",
"url" : "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95"
},
{
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html"
},
{
"name" : "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/",
"refsource" : "CONFIRM",
"url" : "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-86/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-86/"
},
{
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-88/",
"refsource" : "CONFIRM",
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-88/"
},
{
"name" : "DSA-3674",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2016/dsa-3674"
},
{
"name" : "GLSA-201701-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-15"
},
{
"name" : "RHSA-2016:1912",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1912.html"
},
{
"name" : "93049",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93049"
},
{
"name" : "1036852",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036852"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 rely on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for addons.mozilla.org signed by an arbitrary built-in Certification Authority."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-86/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-86/"
},
{
"name": "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/",
"refsource": "CONFIRM",
"url": "https://blog.mozilla.org/security/2016/09/16/update-on-add-on-pinning-vulnerability/"
},
{
"name": "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95",
"refsource": "MISC",
"url": "https://hackernoon.com/tor-browser-exposed-anti-privacy-implantation-at-mass-scale-bd68e9eb1e95"
},
{
"name": "DSA-3674",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3674"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1303127"
},
{
"name": "[dailydave] 20160915 Deep down the certificate pinning rabbit hole of \"Tor Browser Exposed\"",
"refsource": "MLIST",
"url": "http://seclists.org/dailydave/2016/q3/51"
},
{
"name": "GLSA-201701-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-15"
},
{
"name": "RHSA-2016:1912",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1912.html"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-88/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-88/"
},
{
"name": "93049",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93049"
},
{
"name": "1036852",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036852"
}
]
}
}

150
2016/5xxx/CVE-2016-5450.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5450",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2016-5450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name" : "91787",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91787"
},
{
"name" : "91981",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/91981"
},
{
"name" : "1036400",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036400"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect integrity via vectors related to UIF Open UI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036400",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036400"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "91981",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91981"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
}
]
}
}

184
2016/5xxx/CVE-2016-5948.json
View File

@ -1,94 +1,94 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2016-5948",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Kenexa LCMS Premier on Cloud",
"version" : {
"version_data" : [
{
"version_value" : "9.0"
},
{
"version_value" : "9.1"
},
{
"version_value" : "9.2"
},
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.3.0"
},
{
"version_value" : "9.4.0"
},
{
"version_value" : "9.5.0"
},
{
"version_value" : "10.0.0"
},
{
"version_value" : "10.1.0"
},
{
"version_value" : "10.2.0"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-5948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kenexa LCMS Premier on Cloud",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.1"
},
{
"version_value": "9.2"
},
{
"version_value": "9.2.1"
},
{
"version_value": "9.3.0"
},
{
"version_value": "9.4.0"
},
{
"version_value": "9.5.0"
},
{
"version_value": "10.0.0"
},
{
"version_value": "10.1.0"
},
{
"version_value": "10.2.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21992067",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21992067"
},
{
"name" : "94388",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/94388"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21992067",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992067"
},
{
"name": "94388",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94388"
}
]
}
}

34
2018/2xxx/CVE-2018-2088.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2088",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2088",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

34
2018/2xxx/CVE-2018-2252.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2252",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2252",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

384
2018/6xxx/CVE-2018-6499.json
View File

@ -1,194 +1,194 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@microfocus.com",
"DATE_PUBLIC" : "2018-08-30T18:00:00.000Z",
"ID" : "CVE-2018-6499",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : " Network Operations Management (NOM) Suite CDF",
"version" : {
"version_data" : [
{
"version_value" : "2017.11, 2018.02, 2018.05"
}
]
}
},
{
"product_name" : "Service Management Automation Suite",
"version" : {
"version_data" : [
{
"version_value" : "2017.11, 2018.02, 2018.05"
}
]
}
},
{
"product_name" : "Data Center Automation Containerized Suite",
"version" : {
"version_data" : [
{
"version_value" : "2017.01 until 2018.05"
}
]
}
},
{
"product_name" : "Operations Bridge Containerized Suite",
"version" : {
"version_data" : [
{
"version_value" : "2017.11, 2018.02, 2018.05"
}
]
}
},
{
"product_name" : "Hybrid Cloud Management Containerized Suite",
"version" : {
"version_data" : [
{
"version_value" : "HCM2017.11, HCM2018.02, HCM2018.05"
}
]
}
},
{
"product_name" : "Network Virtualization (NV) with floating licenses",
"version" : {
"version_data" : [
{
"version_value" : " using Any version using APLS older than 10.7"
}
]
}
},
{
"product_name" : "Unified Functional Testing (UFT) with floating licenses ",
"version" : {
"version_data" : [
{
"version_value" : " using Any version using APLS older than 10.7"
}
]
}
},
{
"product_name" : "Service Virtualization (SV) with floating licenses",
"version" : {
"version_data" : [
{
"version_value" : " using Any version using APLS older than 10.7"
}
]
}
}
]
},
"vendor_name" : "Micro Focus"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "ADJACENT_NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"privilegesRequired" : "HIGH",
"scope" : "CHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2018-08-30T18:00:00.000Z",
"ID": "CVE-2018-6499",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " Network Operations Management (NOM) Suite CDF",
"version": {
"version_data": [
{
"version_value": "2017.11, 2018.02, 2018.05"
}
]
}
},
{
"product_name": "Service Management Automation Suite",
"version": {
"version_data": [
{
"version_value": "2017.11, 2018.02, 2018.05"
}
]
}
},
{
"product_name": "Data Center Automation Containerized Suite",
"version": {
"version_data": [
{
"version_value": "2017.01 until 2018.05"
}
]
}
},
{
"product_name": "Operations Bridge Containerized Suite",
"version": {
"version_data": [
{
"version_value": "2017.11, 2018.02, 2018.05"
}
]
}
},
{
"product_name": "Hybrid Cloud Management Containerized Suite",
"version": {
"version_data": [
{
"version_value": "HCM2017.11, HCM2018.02, HCM2018.05"
}
]
}
},
{
"product_name": "Network Virtualization (NV) with floating licenses",
"version": {
"version_data": [
{
"version_value": " using Any version using APLS older than 10.7"
}
]
}
},
{
"product_name": "Unified Functional Testing (UFT) with floating licenses ",
"version": {
"version_data": [
{
"version_value": " using Any version using APLS older than 10.7"
}
]
}
},
{
"product_name": "Service Virtualization (SV) with floating licenses",
"version": {
"version_data": [
{
"version_value": " using Any version using APLS older than 10.7"
}
]
}
}
]
},
"vendor_name": "Micro Focus"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO"
},
{
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648"
},
{
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
},
{
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
},
{
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722"
},
{
"name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726",
"refsource" : "CONFIRM",
"url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726"
}
]
},
"source" : {
"defect" : [
"Micro",
"Focus",
"Autopass",
"License",
"Server",
"(APLS)",
"Remote",
"Code",
"Execution"
],
"discovery" : "UNKNOWN"
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
],
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236722"
},
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
},
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
},
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236648"
},
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632?lang=en&cc=us&hpappid=206728_SSO_PRO"
},
{
"name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726",
"refsource": "CONFIRM",
"url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236726"
}
]
},
"source": {
"defect": [
"Micro",
"Focus",
"Autopass",
"License",
"Server",
"(APLS)",
"Remote",
"Code",
"Execution"
],
"discovery": "UNKNOWN"
}
}

120
2018/6xxx/CVE-2018-6579.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6579",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "43950",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43950"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43950",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43950"
}
]
}
}

34
2018/6xxx/CVE-2018-6601.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6601",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6601",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0415.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0415",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0415",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/0xxx/CVE-2019-0430.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0430",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0430",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

130
2019/0xxx/CVE-2019-0728.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2019-0728",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Visual Studio Code",
"version" : {
"version_data" : [
{
"version_value" : ""
}
]
}
}
]
},
"vendor_name" : "Microsoft"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2019-0728",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Visual Studio Code",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728"
},
{
"name" : "106913",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/106913"
}
]
}
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project, aka 'Visual Studio Code Remote Code Execution Vulnerability'."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106913",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106913"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0728"
}
]
}
}

34
2019/1000xxx/CVE-2019-1000041.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1000041",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-7575, CVE-2019-7577. Reason: This candidate is a reservation duplicate of CVE-2019-7575 and/or CVE-2019-7577. Notes: All CVE users should reference CVE-2019-7575 and/or CVE-2019-7577 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-1000041",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-7575, CVE-2019-7577. Reason: This candidate is a reservation duplicate of CVE-2019-7575 and/or CVE-2019-7577. Notes: All CVE users should reference CVE-2019-7575 and/or CVE-2019-7577 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}

34
2019/1xxx/CVE-2019-1055.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1055",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1055",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1360.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1360",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1360",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1362.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1362",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1362",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1450.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1450",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1450",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/1xxx/CVE-2019-1810.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1810",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1810",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/4xxx/CVE-2019-4795.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-4795",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-4795",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5039.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5039",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5039",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5241.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5241",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5241",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5334.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5334",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5334",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

34
2019/5xxx/CVE-2019-5463.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5463",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5463",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}