admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:55:42 +00:00
parent e763c4a435
commit 69507580de
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
67 changed files with 3839 additions and 3839 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
2007/0xxx/CVE-2007-0398.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0398", "ID": "CVE-2007-0398",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in forum.php3 in Arnaud Guyonne (aka Arnotic) a-forum allow remote attackers to inject arbitrary web script or HTML via the (1) Sujet or (2) Pseudo field." "value": "Multiple cross-site scripting (XSS) vulnerabilities in forum.php3 in Arnaud Guyonne (aka Arnotic) a-forum allow remote attackers to inject arbitrary web script or HTML via the (1) Sujet or (2) Pseudo field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070119 a-forum xss", "name": "20070119 a-forum xss",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/457503/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/457503/100/0/threaded"
}, },
{ {
"name" : "20070122 a-forum xss - who? what? where?", "name": "aforum-unspecified-xss(31610)",
"refsource" : "VIM", "refsource": "XF",
"url" : "http://www.attrition.org/pipermail/vim/2007-January/001249.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31610"
}, },
{ {
"name" : "aforum-unspecified-xss(31610)", "name": "20070122 a-forum xss - who? what? where?",
"refsource" : "XF", "refsource": "VIM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31610" "url": "http://www.attrition.org/pipermail/vim/2007-January/001249.html"
} }
] ]
} }

116
2007/0xxx/CVE-2007-0445.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0445", "ID": "CVE-2007-0445",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives." "value": "Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070405 ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability", "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/464878/100/0/threaded" "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html", "name": "24778",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html" "url": "http://secunia.com/advisories/24778"
}, },
{ {
"name" : "http://www.kaspersky.com/technews?id=203038693", "name": "1017882",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.kaspersky.com/technews?id=203038693" "url": "http://www.securitytracker.com/id?1017882"
}, },
{ {
"name" : "http://www.kaspersky.com/technews?id=203038694", "name": "http://www.kaspersky.com/technews?id=203038694",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.kaspersky.com/technews?id=203038694" "url": "http://www.kaspersky.com/technews?id=203038694"
}, },
{ {
"name" : "23346", "name": "ADV-2007-1268",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/23346" "url": "http://www.vupen.com/english/advisories/2007/1268"
}, },
{ {
"name" : "ADV-2007-1268", "name": "20070405 ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability",
"refsource" : "VUPEN", "refsource": "BUGTRAQ",
"url" : "http://www.vupen.com/english/advisories/2007/1268" "url": "http://www.securityfocus.com/archive/1/464878/100/0/threaded"
}, },
{ {
"name" : "1017882", "name": "kaspersky-arj-bo(33489)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://www.securitytracker.com/id?1017882" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33489"
}, },
{ {
"name" : "1017883", "name": "23346",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id?1017883" "url": "http://www.securityfocus.com/bid/23346"
}, },
{ {
"name" : "24778", "name": "http://www.kaspersky.com/technews?id=203038693",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/24778" "url": "http://www.kaspersky.com/technews?id=203038693"
}, },
{ {
"name" : "kaspersky-arj-bo(33489)", "name": "1017883",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33489" "url": "http://www.securitytracker.com/id?1017883"
} }
] ]
} }

104
2007/0xxx/CVE-2007-0742.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0742", "ID": "CVE-2007-0742",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information." "value": "The WebFoundation framework in Apple Mac OS X 10.3.9 and earlier allows subdomain cookies to be accessed by the parent domain, which allows remote attackers to obtain sensitive information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=305391", "name": "34866",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://docs.info.apple.com/article.html?artnum=305391" "url": "http://www.osvdb.org/34866"
}, },
{ {
"name" : "APPLE-SA-2007-04-19", "name": "24966",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" "url": "http://secunia.com/advisories/24966"
}, },
{ {
"name" : "TA07-109A", "name": "http://docs.info.apple.com/article.html?artnum=305391",
"refsource" : "CERT", "refsource": "CONFIRM",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" "url": "http://docs.info.apple.com/article.html?artnum=305391"
}, },
{ {
"name" : "23569", "name": "23569",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/23569" "url": "http://www.securityfocus.com/bid/23569"
}, },
{ {
"name" : "ADV-2007-1470", "name": "1017942",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2007/1470" "url": "http://www.securitytracker.com/id?1017942"
}, },
{ {
"name" : "34866", "name": "TA07-109A",
"refsource" : "OSVDB", "refsource": "CERT",
"url" : "http://www.osvdb.org/34866" "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
}, },
{ {
"name" : "1017942", "name": "APPLE-SA-2007-04-19",
"refsource" : "SECTRACK", "refsource": "APPLE",
"url" : "http://www.securitytracker.com/id?1017942" "url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
}, },
{ {
"name" : "24966", "name": "ADV-2007-1470",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/24966" "url": "http://www.vupen.com/english/advisories/2007/1470"
} }
] ]
} }

80
2007/1xxx/CVE-2007-1031.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1031", "ID": "CVE-2007-1031",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter." "value": "Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3326", "name": "35159",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/3326" "url": "http://osvdb.org/35159"
}, },
{ {
"name" : "22600", "name": "3326",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/22600" "url": "https://www.exploit-db.com/exploits/3326"
}, },
{ {
"name" : "35159", "name": "22600",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/35159" "url": "http://www.securityfocus.com/bid/22600"
}, },
{ {
"name" : "vivvo-dbconn-file-include(32553)", "name": "vivvo-dbconn-file-include(32553)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32553" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32553"
} }
] ]
} }

74
2007/1xxx/CVE-2007-1237.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1237", "ID": "CVE-2007-1237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value for certain parameters, as demonstrated by parameters used in forum and search, which forces a SQL error." "value": "sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value for certain parameters, as demonstrated by parameters used in forum and search, which forces a SQL error."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070223 sitex multiple vulnerabilities", "name": "20070223 sitex multiple vulnerabilities",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/461305/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/461305/100/0/threaded"
}, },
{ {
"name" : "33154", "name": "33154",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/33154" "url": "http://osvdb.org/33154"
}, },
{ {
"name" : "2373", "name": "2373",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/2373" "url": "http://securityreason.com/securityalert/2373"
} }
] ]
} }

80
2007/1xxx/CVE-2007-1381.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1381", "ID": "CVE-2007-1381",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow." "value": "The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.php-security.org/MOPB/MOPB-09-2007.html", "name": "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?revision=1.119.2.10.2.14&view=markup",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.php-security.org/MOPB/MOPB-09-2007.html" "url": "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?revision=1.119.2.10.2.14&view=markup"
}, },
{ {
"name" : "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?revision=1.119.2.10.2.14&view=markup", "name": "http://www.php-security.org/MOPB/MOPB-09-2007.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?revision=1.119.2.10.2.14&view=markup" "url": "http://www.php-security.org/MOPB/MOPB-09-2007.html"
}, },
{ {
"name" : "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.119.2.10.2.13&r2=1.119.2.10.2.14", "name": "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.119.2.10.2.13&r2=1.119.2.10.2.14",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.119.2.10.2.13&r2=1.119.2.10.2.14" "url": "http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.119.2.10.2.13&r2=1.119.2.10.2.14"
}, },
{ {
"name" : "32775", "name": "32775",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/32775" "url": "http://www.osvdb.org/32775"
} }
] ]
} }

86
2007/1xxx/CVE-2007-1778.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1778", "ID": "CVE-2007-1778",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." "value": "PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3591", "name": "37195",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/3591" "url": "http://osvdb.org/37195"
}, },
{ {
"name" : "23176", "name": "evenuke-mysql-file-include(33285)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/23176" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33285"
}, },
{ {
"name" : "ADV-2007-1138", "name": "3591",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2007/1138" "url": "https://www.exploit-db.com/exploits/3591"
}, },
{ {
"name" : "37195", "name": "ADV-2007-1138",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/37195" "url": "http://www.vupen.com/english/advisories/2007/1138"
}, },
{ {
"name" : "evenuke-mysql-file-include(33285)", "name": "23176",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33285" "url": "http://www.securityfocus.com/bid/23176"
} }
] ]
} }

122
2007/4xxx/CVE-2007-4273.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4273", "ID": "CVE-2007-4273",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a \"crafted localized message file\" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm)." "value": "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a \"crafted localized message file\" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070816 IBM DB2 Universal Database Directory Creation Vulnerability", "name": "db2-message-file-format-string(36106)",
"refsource" : "IDEFENSE", "refsource": "XF",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36106"
}, },
{ {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255352", "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255352" "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
}, },
{ {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607", "name": "20070818 Recent DB2 Vulnerabilities",
"refsource" : "CONFIRM", "refsource": "VIM",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255607" "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
}, },
{ {
"name" : "IY98011", "name": "ADV-2007-2912",
"refsource" : "AIXAPAR", "refsource": "VUPEN",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011" "url": "http://www.vupen.com/english/advisories/2007/2912"
}, },
{ {
"name" : "IY98101", "name": "20070816 IBM DB2 Universal Database Directory Creation Vulnerability",
"refsource" : "AIXAPAR", "refsource": "IDEFENSE",
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101" "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581"
}, },
{ {
"name" : "20070818 Recent DB2 Vulnerabilities", "name": "25339",
"refsource" : "VIM", "refsource": "BID",
"url" : "http://www.attrition.org/pipermail/vim/2007-August/001765.html" "url": "http://www.securityfocus.com/bid/25339"
}, },
{ {
"name" : "25339", "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/25339" "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
}, },
{ {
"name" : "ADV-2007-2912", "name": "1018581",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2007/2912" "url": "http://securitytracker.com/id?1018581"
}, },
{ {
"name" : "1018581", "name": "26471",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://securitytracker.com/id?1018581" "url": "http://secunia.com/advisories/26471"
}, },
{ {
"name" : "26471", "name": "IY98101",
"refsource" : "SECUNIA", "refsource": "AIXAPAR",
"url" : "http://secunia.com/advisories/26471" "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
}, },
{ {
"name" : "db2-message-file-format-string(36106)", "name": "IY98011",
"refsource" : "XF", "refsource": "AIXAPAR",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36106" "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
} }
] ]
} }

182
2007/4xxx/CVE-2007-4560.json
View File

@ -1,161 +1,161 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4560", "ID": "CVE-2007-4560",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the \"recipient field of sendmail.\"" "value": "clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the \"recipient field of sendmail.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070824 n.runs-SA-2007.025 - ClamAV Remote Code Execution Advisory", "name": "GLSA-200709-14",
"refsource" : "BUGTRAQ", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/archive/1/477723/100/0/threaded" "url": "http://security.gentoo.org/glsa/glsa-200709-14.xml"
}, },
{ {
"name" : "http://www.nruns.com/security_advisory_clamav_remote_code_exection.php", "name": "3063",
"refsource" : "MISC", "refsource": "SREASON",
"url" : "http://www.nruns.com/security_advisory_clamav_remote_code_exection.php" "url": "http://securityreason.com/securityalert/3063"
}, },
{ {
"name" : "http://docs.info.apple.com/article.html?artnum=307562", "name": "26822",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://docs.info.apple.com/article.html?artnum=307562" "url": "http://secunia.com/advisories/26822"
}, },
{ {
"name" : "APPLE-SA-2008-03-18", "name": "26916",
"refsource" : "APPLE", "refsource": "SECUNIA",
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" "url": "http://secunia.com/advisories/26916"
}, },
{ {
"name" : "DSA-1366", "name": "20070824 n.runs-SA-2007.025 - ClamAV Remote Code Execution Advisory",
"refsource" : "DEBIAN", "refsource": "BUGTRAQ",
"url" : "http://www.debian.org/security/2007/dsa-1366" "url": "http://www.securityfocus.com/archive/1/477723/100/0/threaded"
}, },
{ {
"name" : "FEDORA-2007-2050", "name": "26683",
"refsource" : "FEDORA", "refsource": "SECUNIA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html" "url": "http://secunia.com/advisories/26683"
}, },
{ {
"name" : "GLSA-200709-14", "name": "http://www.nruns.com/security_advisory_clamav_remote_code_exection.php",
"refsource" : "GENTOO", "refsource": "MISC",
"url" : "http://security.gentoo.org/glsa/glsa-200709-14.xml" "url": "http://www.nruns.com/security_advisory_clamav_remote_code_exection.php"
}, },
{ {
"name" : "MDKSA-2007:172", "name": "FEDORA-2007-2050",
"refsource" : "MANDRIVA", "refsource": "FEDORA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:172" "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html"
}, },
{ {
"name" : "SUSE-SR:2007:018", "name": "DSA-1366",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://www.novell.com/linux/security/advisories/2007_18_sr.html" "url": "http://www.debian.org/security/2007/dsa-1366"
}, },
{ {
"name" : "2007-0026", "name": "ADV-2008-0924",
"refsource" : "TRUSTIX", "refsource": "VUPEN",
"url" : "http://www.trustix.org/errata/2007/0026/" "url": "http://www.vupen.com/english/advisories/2008/0924/references"
}, },
{ {
"name" : "25439", "name": "2007-0026",
"refsource" : "BID", "refsource": "TRUSTIX",
"url" : "http://www.securityfocus.com/bid/25439" "url": "http://www.trustix.org/errata/2007/0026/"
}, },
{ {
"name" : "ADV-2008-0924", "name": "29420",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2008/0924/references" "url": "http://secunia.com/advisories/29420"
}, },
{ {
"name" : "1018610", "name": "SUSE-SR:2007:018",
"refsource" : "SECTRACK", "refsource": "SUSE",
"url" : "http://www.securitytracker.com/id?1018610" "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html"
}, },
{ {
"name" : "26674", "name": "APPLE-SA-2008-03-18",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/26674" "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
}, },
{ {
"name" : "26654", "name": "26751",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/26654" "url": "http://secunia.com/advisories/26751"
}, },
{ {
"name" : "26683", "name": "1018610",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/26683" "url": "http://www.securitytracker.com/id?1018610"
}, },
{ {
"name" : "26751", "name": "26654",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/26751" "url": "http://secunia.com/advisories/26654"
}, },
{ {
"name" : "26822", "name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/26822" "url": "http://docs.info.apple.com/article.html?artnum=307562"
}, },
{ {
"name" : "26916", "name": "MDKSA-2007:172",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/26916" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:172"
}, },
{ {
"name" : "29420", "name": "26674",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/29420" "url": "http://secunia.com/advisories/26674"
}, },
{ {
"name" : "3063", "name": "25439",
"refsource" : "SREASON", "refsource": "BID",
"url" : "http://securityreason.com/securityalert/3063" "url": "http://www.securityfocus.com/bid/25439"
} }
] ]
} }

62
2007/4xxx/CVE-2007-4885.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4885", "ID": "CVE-2007-4885",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Avnex AV MP3 Player allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error." "value": "Avnex AV MP3 Player allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability", "name": "20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-09/0154.html"
} }
] ]
} }

218
2007/4xxx/CVE-2007-4985.json
View File

@ -1,191 +1,191 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4985", "ID": "CVE-2007-4985",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls." "value": "ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in the ReadXCFImage function, related to ReadBlobMSBLong function calls."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070919 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities", "name": "27364",
"refsource" : "IDEFENSE", "refsource": "SECUNIA",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596" "url": "http://secunia.com/advisories/27364"
}, },
{ {
"name" : "20071112 FLEA-2007-0066-1 ImageMagick", "name": "29857",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/483572/100/0/threaded" "url": "http://secunia.com/advisories/29857"
}, },
{ {
"name" : "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates", "name": "RHSA-2008:0145",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html" "url": "http://www.redhat.com/support/errata/RHSA-2008-0145.html"
}, },
{ {
"name" : "http://www.imagemagick.org/script/changelog.php", "name": "20071112 FLEA-2007-0066-1 ImageMagick",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://www.imagemagick.org/script/changelog.php" "url": "http://www.securityfocus.com/archive/1/483572/100/0/threaded"
}, },
{ {
"name" : "https://issues.rpath.com/browse/RPL-1743", "name": "USN-523-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://issues.rpath.com/browse/RPL-1743" "url": "http://www.ubuntu.com/usn/usn-523-1"
}, },
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=186030", "name": "27309",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=186030" "url": "http://secunia.com/advisories/27309"
}, },
{ {
"name" : "DSA-1858", "name": "29786",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2009/dsa-1858" "url": "http://secunia.com/advisories/29786"
}, },
{ {
"name" : "GLSA-200710-27", "name": "http://www.imagemagick.org/script/changelog.php",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-200710-27.xml" "url": "http://www.imagemagick.org/script/changelog.php"
}, },
{ {
"name" : "MDVSA-2008:035", "name": "ADV-2007-3245",
"refsource" : "MANDRIVA", "refsource": "VUPEN",
"url" : "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035" "url": "http://www.vupen.com/english/advisories/2007/3245"
}, },
{ {
"name" : "RHSA-2008:0145", "name": "GLSA-200710-27",
"refsource" : "REDHAT", "refsource": "GENTOO",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0145.html" "url": "http://security.gentoo.org/glsa/glsa-200710-27.xml"
}, },
{ {
"name" : "RHSA-2008:0165", "name": "1018729",
"refsource" : "REDHAT", "refsource": "SECTRACK",
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0165.html" "url": "http://www.securitytracker.com/id?1018729"
}, },
{ {
"name" : "SUSE-SR:2007:023", "name": "oval:org.mitre.oval:def:10869",
"refsource" : "SUSE", "refsource": "OVAL",
"url" : "http://www.novell.com/linux/security/advisories/2007_23_sr.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869"
}, },
{ {
"name" : "USN-523-1", "name": "imagemagick-readdcmimage-readxcfimage-dos(36740)",
"refsource" : "UBUNTU", "refsource": "XF",
"url" : "http://www.ubuntu.com/usn/usn-523-1" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36740"
}, },
{ {
"name" : "25764", "name": "27048",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/25764" "url": "http://secunia.com/advisories/27048"
}, },
{ {
"name" : "oval:org.mitre.oval:def:10869", "name": "RHSA-2008:0165",
"refsource" : "OVAL", "refsource": "REDHAT",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10869" "url": "http://www.redhat.com/support/errata/RHSA-2008-0165.html"
}, },
{ {
"name" : "36260", "name": "28721",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/36260" "url": "http://secunia.com/advisories/28721"
}, },
{ {
"name" : "ADV-2007-3245", "name": "27439",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/3245" "url": "http://secunia.com/advisories/27439"
}, },
{ {
"name" : "1018729", "name": "https://issues.rpath.com/browse/RPL-1743",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id?1018729" "url": "https://issues.rpath.com/browse/RPL-1743"
}, },
{ {
"name" : "26926", "name": "DSA-1858",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/26926" "url": "http://www.debian.org/security/2009/dsa-1858"
}, },
{ {
"name" : "27048", "name": "[Magick-announce] 20070917 ImageMagick 6.3.5-9, important security updates",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/27048" "url": "http://studio.imagemagick.org/pipermail/magick-announce/2007-September/000037.html"
}, },
{ {
"name" : "27309", "name": "26926",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/27309" "url": "http://secunia.com/advisories/26926"
}, },
{ {
"name" : "27364", "name": "MDVSA-2008:035",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/27364" "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2008:035"
}, },
{ {
"name" : "27439", "name": "20070919 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities",
"refsource" : "SECUNIA", "refsource": "IDEFENSE",
"url" : "http://secunia.com/advisories/27439" "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=596"
}, },
{ {
"name" : "28721", "name": "25764",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/28721" "url": "http://www.securityfocus.com/bid/25764"
}, },
{ {
"name" : "29786", "name": "http://bugs.gentoo.org/show_bug.cgi?id=186030",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/29786" "url": "http://bugs.gentoo.org/show_bug.cgi?id=186030"
}, },
{ {
"name" : "29857", "name": "SUSE-SR:2007:023",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/29857" "url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
}, },
{ {
"name" : "imagemagick-readdcmimage-readxcfimage-dos(36740)", "name": "36260",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36740" "url": "http://secunia.com/advisories/36260"
} }
] ]
} }

92
2007/5xxx/CVE-2007-5308.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5308", "ID": "CVE-2007-5308",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action." "value": "SQL injection vulnerability in galerie.php in PHP Homepage M (phpHPm) 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "4501", "name": "4501",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4501" "url": "https://www.exploit-db.com/exploits/4501"
}, },
{ {
"name" : "25978", "name": "25978",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/25978" "url": "http://www.securityfocus.com/bid/25978"
}, },
{ {
"name" : "ADV-2007-3419", "name": "27131",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2007/3419" "url": "http://secunia.com/advisories/27131"
}, },
{ {
"name" : "37617", "name": "ADV-2007-3419",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/37617" "url": "http://www.vupen.com/english/advisories/2007/3419"
}, },
{ {
"name" : "27131", "name": "phphomepage-galerie-sql-injection(36998)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/27131" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36998"
}, },
{ {
"name" : "phphomepage-galerie-sql-injection(36998)", "name": "37617",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36998" "url": "http://osvdb.org/37617"
} }
] ]
} }

68
2007/5xxx/CVE-2007-5942.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5942", "ID": "CVE-2007-5942",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Bandersnatch 0.4 allows remote attackers to obtain sensitive information via a malformed request for index.php with (1) a certain func parameter value; or (2) certain func, jid, page, and limit parameter values; which reveals the path in various error messages." "value": "Bandersnatch 0.4 allows remote attackers to obtain sensitive information via a malformed request for index.php with (1) a certain func parameter value; or (2) certain func, jid, page, and limit parameter values; which reveals the path in various error messages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.portcullis-security.com/175.php", "name": "bandersnatch-index-path-disclosure(38308)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.portcullis-security.com/175.php" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38308"
}, },
{ {
"name" : "bandersnatch-index-path-disclosure(38308)", "name": "http://www.portcullis-security.com/175.php",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38308" "url": "http://www.portcullis-security.com/175.php"
} }
] ]
} }

74
2015/2xxx/CVE-2015-2359.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2359", "ID": "CVE-2015-2359",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Exchange HTML Injection Vulnerability.\"" "value": "Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka \"Exchange HTML Injection Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS15-064", "name": "MS15-064",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-064" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-064"
}, },
{ {
"name" : "75013", "name": "1032528",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/75013" "url": "http://www.securitytracker.com/id/1032528"
}, },
{ {
"name" : "1032528", "name": "75013",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1032528" "url": "http://www.securityfocus.com/bid/75013"
} }
] ]
} }

68
2015/2xxx/CVE-2015-2544.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2544", "ID": "CVE-2015-2544",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka \"Exchange Spoofing Vulnerability.\"" "value": "Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, aka \"Exchange Spoofing Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS15-103", "name": "1033495",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-103" "url": "http://www.securitytracker.com/id/1033495"
}, },
{ {
"name" : "1033495", "name": "MS15-103",
"refsource" : "SECTRACK", "refsource": "MS",
"url" : "http://www.securitytracker.com/id/1033495" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-103"
} }
] ]
} }

62
2015/2xxx/CVE-2015-2847.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-2847", "ID": "CVE-2015-2847",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream." "value": "Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data stream."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "VU#857948", "name": "VU#857948",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/857948" "url": "http://www.kb.cert.org/vuls/id/857948"
} }
] ]
} }

62
2015/2xxx/CVE-2015-2870.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-2870", "ID": "CVE-2015-2870",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element." "value": "Cross-site scripting (XSS) vulnerability on Chiyu BF-630, BF-630W, and BF-660C fingerprint access-control devices allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "VU#360431", "name": "VU#360431",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/360431" "url": "http://www.kb.cert.org/vuls/id/360431"
} }
] ]
} }

86
2015/3xxx/CVE-2015-3142.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3142", "ID": "CVE-2015-3142",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensitive information by leveraging write permissions to the working directory of a crashed application." "value": "The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensitive information by leveraging write permissions to the working directory of a crashed application."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20150417 Re: Problems in automatic crash analysis frameworks", "name": "RHSA-2015:1083",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://www.openwall.com/lists/oss-security/2015/04/17/5" "url": "http://rhn.redhat.com/errata/RHSA-2015-1083.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1212818", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1212818",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1212818" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1212818"
}, },
{ {
"name" : "RHSA-2015:1083", "name": "[oss-security] 20150417 Re: Problems in automatic crash analysis frameworks",
"refsource" : "REDHAT", "refsource": "MLIST",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1083.html" "url": "http://www.openwall.com/lists/oss-security/2015/04/17/5"
}, },
{ {
"name" : "RHSA-2015:1210", "name": "75116",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1210.html" "url": "http://www.securityfocus.com/bid/75116"
}, },
{ {
"name" : "75116", "name": "RHSA-2015:1210",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/75116" "url": "http://rhn.redhat.com/errata/RHSA-2015-1210.html"
} }
] ]
} }

22
2015/3xxx/CVE-2015-3535.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3535", "ID": "CVE-2015-3535",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

110
2015/3xxx/CVE-2015-3812.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3812", "ID": "CVE-2015-3812",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet." "value": "Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-15.html", "name": "RHSA-2017:0631",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-15.html" "url": "http://rhn.redhat.com/errata/RHSA-2017-0631.html"
}, },
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088", "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8ccc2a6add29823a0ff0492fc50372449007e7b",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088" "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8ccc2a6add29823a0ff0492fc50372449007e7b"
}, },
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8ccc2a6add29823a0ff0492fc50372449007e7b", "name": "DSA-3277",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8ccc2a6add29823a0ff0492fc50372449007e7b" "url": "http://www.debian.org/security/2015/dsa-3277"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088"
}, },
{ {
"name" : "DSA-3277", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2015/dsa-3277" "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"
}, },
{ {
"name" : "GLSA-201510-03", "name": "GLSA-201510-03",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201510-03" "url": "https://security.gentoo.org/glsa/201510-03"
}, },
{ {
"name" : "RHSA-2017:0631", "name": "74637",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0631.html" "url": "http://www.securityfocus.com/bid/74637"
}, },
{ {
"name" : "74637", "name": "http://www.wireshark.org/security/wnpa-sec-2015-15.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/74637" "url": "http://www.wireshark.org/security/wnpa-sec-2015-15.html"
} }
] ]
} }

62
2015/3xxx/CVE-2015-3938.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-3938", "ID": "CVE-2015-3938",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices before April 2015 allows remote attackers to cause a denial of service (device outage) via a long parameter." "value": "The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices before April 2015 allows remote attackers to cause a denial of service (device outage) via a long parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-146-01", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-146-01",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-146-01" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-146-01"
} }
] ]
} }

22
2015/6xxx/CVE-2015-6025.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6025", "ID": "CVE-2015-6025",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2015/6xxx/CVE-2015-6045.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6045", "ID": "CVE-2015-6045",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts with use of the Cascading Style Sheets (CSS) empty-cells property for a TABLE element, aka \"Internet Explorer Memory Corruption Vulnerability.\"" "value": "Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript that improperly interacts with use of the Cascading Style Sheets (CSS) empty-cells property for a TABLE element, aka \"Internet Explorer Memory Corruption Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-523/", "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-523",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-523/" "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-523"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-523", "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-523/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-523" "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-523/"
}, },
{ {
"name" : "MS15-106", "name": "MS15-106",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106"
} }
] ]
} }

68
2015/6xxx/CVE-2015-6109.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6109", "ID": "CVE-2015-6109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka \"Windows Kernel Memory Information Disclosure Vulnerability.\"" "value": "The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka \"Windows Kernel Memory Information Disclosure Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS15-115", "name": "MS15-115",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-115" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-115"
}, },
{ {
"name" : "1034114", "name": "1034114",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034114" "url": "http://www.securitytracker.com/id/1034114"
} }
] ]
} }

68
2015/6xxx/CVE-2015-6464.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-6464", "ID": "CVE-2015-6464",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin." "value": "The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to bypass a read-only protection mechanism by using Firefox with a web-developer plugin."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-03"
}, },
{ {
"name" : "http://www.moxa.com/support/download.aspx?type=support&id=328", "name": "http://www.moxa.com/support/download.aspx?type=support&id=328",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.moxa.com/support/download.aspx?type=support&id=328" "url": "http://www.moxa.com/support/download.aspx?type=support&id=328"
} }
] ]
} }

74
2015/7xxx/CVE-2015-7030.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-7030", "ID": "CVE-2015-7030",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors." "value": "The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT205379", "name": "APPLE-SA-2015-10-21-7",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "https://support.apple.com/HT205379" "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00008.html"
}, },
{ {
"name" : "APPLE-SA-2015-10-21-7", "name": "1033930",
"refsource" : "APPLE", "refsource": "SECTRACK",
"url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00008.html" "url": "http://www.securitytracker.com/id/1033930"
}, },
{ {
"name" : "1033930", "name": "https://support.apple.com/HT205379",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1033930" "url": "https://support.apple.com/HT205379"
} }
] ]
} }

98
2015/7xxx/CVE-2015-7065.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-7065", "ID": "CVE-2015-7065",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site." "value": "OpenGL in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT205635", "name": "https://support.apple.com/HT205635",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT205635" "url": "https://support.apple.com/HT205635"
}, },
{ {
"name" : "https://support.apple.com/HT205637", "name": "https://support.apple.com/HT205637",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT205637" "url": "https://support.apple.com/HT205637"
}, },
{ {
"name" : "https://support.apple.com/HT205640", "name": "1034344",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT205640" "url": "http://www.securitytracker.com/id/1034344"
}, },
{ {
"name" : "APPLE-SA-2015-12-08-1", "name": "APPLE-SA-2015-12-08-3",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html"
}, },
{ {
"name" : "APPLE-SA-2015-12-08-2", "name": "APPLE-SA-2015-12-08-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
}, },
{ {
"name" : "APPLE-SA-2015-12-08-3", "name": "https://support.apple.com/HT205640",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" "url": "https://support.apple.com/HT205640"
}, },
{ {
"name" : "1034344", "name": "APPLE-SA-2015-12-08-2",
"refsource" : "SECTRACK", "refsource": "APPLE",
"url" : "http://www.securitytracker.com/id/1034344" "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html"
} }
] ]
} }

68
2015/7xxx/CVE-2015-7781.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-7781", "ID": "CVE-2015-7781",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions." "value": "ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "JVN#12991684", "name": "JVNDB-2015-000186",
"refsource" : "JVN", "refsource": "JVNDB",
"url" : "http://jvn.jp/en/jp/JVN12991684/index.html" "url": "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000186.html"
}, },
{ {
"name" : "JVNDB-2015-000186", "name": "JVN#12991684",
"refsource" : "JVNDB", "refsource": "JVN",
"url" : "http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000186.html" "url": "http://jvn.jp/en/jp/JVN12991684/index.html"
} }
] ]
} }

74
2016/0xxx/CVE-2016-0357.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0357", "ID": "CVE-2016-0357",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site." "value": "IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985736", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985736" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985736"
}, },
{ {
"name" : "87528", "name": "87528",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/87528" "url": "http://www.securityfocus.com/bid/87528"
}, },
{ {
"name" : "1036255", "name": "1036255",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1036255" "url": "http://www.securitytracker.com/id/1036255"
} }
] ]
} }

68
2016/0xxx/CVE-2016-0465.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0465", "ID": "CVE-2016-0465",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect availability via unknown vectors related to Resource Group Manager." "value": "Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4 allows local users to affect availability via unknown vectors related to Resource Group Manager."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
}, },
{ {
"name" : "1034735", "name": "1034735",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034735" "url": "http://www.securitytracker.com/id/1034735"
} }
] ]
} }

68
2016/0xxx/CVE-2016-0715.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC" : "2015-01-18T00:00:00", "DATE_PUBLIC": "2015-01-18T00:00:00",
"ID" : "CVE-2016-0715", "ID": "CVE-2016-0715",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Pivotal Cloud Foundry Elastic Runtime", "product_name": "Pivotal Cloud Foundry Elastic Runtime",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.4.0 through 1.4.5" "version_value": "1.4.0 through 1.4.5"
}, },
{ {
"version_value" : "1.5.0 through 1.5.11" "version_value": "1.5.0 through 1.5.11"
}, },
{ {
"version_value" : "1.6.0 through 1.6.11" "version_value": "1.6.0 through 1.6.11"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Pivotal" "vendor_name": "Pivotal"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files directly from the root of the application and have a buildpack that matched after the Java Buildpack in the system buildpack priority when Java Buildpack versions 2.0 through 3.4 were present." "value": "Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote information disclosure. It was found that original mitigation configuration instructions provided as part of CVE-2016-0708 were incomplete and could leave PHP Buildpack, Staticfile Buildpack and potentially other custom Buildpack applications vulnerable to remote information disclosure. Affected applications use automated buildpack detection, serve files directly from the root of the application and have a buildpack that matched after the Java Buildpack in the system buildpack priority when Java Buildpack versions 2.0 through 3.4 were present."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-200" "value": "CWE-200"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://pivotal.io/security/cve-2016-0715", "name": "https://pivotal.io/security/cve-2016-0715",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://pivotal.io/security/cve-2016-0715" "url": "https://pivotal.io/security/cve-2016-0715"
} }
] ]
} }

80
2016/0xxx/CVE-2016-0917.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-0917", "ID": "CVE-2016-0917",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does not prevent duplicate NTLM challenge-response nonces, which makes it easier for remote attackers to execute arbitrary code, or read or write to files, via a series of authentication requests, a related issue to CVE-2010-0231." "value": "The SMB service in EMC VNXe (VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638), VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra (all supported versions) does not prevent duplicate NTLM challenge-response nonces, which makes it easier for remote attackers to execute arbitrary code, or read or write to files, via a series of authentication requests, a related issue to CVE-2010-0231."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20160919 ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability", "name": "1036843",
"refsource" : "BUGTRAQ", "refsource": "SECTRACK",
"url" : "http://seclists.org/bugtraq/2016/Sep/32" "url": "http://www.securitytracker.com/id/1036843"
}, },
{ {
"name" : "http://www.securityfocus.com/archive/1/539993/30/0/threaded", "name": "http://www.securityfocus.com/archive/1/539993/30/0/threaded",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/539993/30/0/threaded" "url": "http://www.securityfocus.com/archive/1/539993/30/0/threaded"
}, },
{ {
"name" : "93023", "name": "20160919 ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/93023" "url": "http://seclists.org/bugtraq/2016/Sep/32"
}, },
{ {
"name" : "1036843", "name": "93023",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1036843" "url": "http://www.securityfocus.com/bid/93023"
} }
] ]
} }

22
2016/1000xxx/CVE-2016-1000259.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-1000259", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2016-1000259",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10326. Reason: This candidate is a reservation duplicate of CVE-2016-10326. Notes: All CVE users should reference CVE-2016-10326 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-10326. Reason: This candidate is a reservation duplicate of CVE-2016-10326. Notes: All CVE users should reference CVE-2016-10326 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

86
2016/1xxx/CVE-2016-1524.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-1524", "ID": "CVE-2016-1524",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via a direct request for a /null URI." "value": "Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-1.0/external/flash/fileUpload.do to upload a JSP file, and then accessing it via a direct request for a /null URI."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300", "name": "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/537446/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/537446/100/0/threaded"
}, },
{ {
"name" : "39412", "name": "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300",
"refsource" : "EXPLOIT-DB", "refsource": "FULLDISC",
"url" : "https://www.exploit-db.com/exploits/39412/" "url": "http://seclists.org/fulldisclosure/2016/Feb/30"
}, },
{ {
"name" : "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300", "name": "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2016/Feb/30" "url": "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html", "name": "39412",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html" "url": "https://www.exploit-db.com/exploits/39412/"
}, },
{ {
"name" : "VU#777024", "name": "VU#777024",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/777024" "url": "http://www.kb.cert.org/vuls/id/777024"
} }
] ]
} }

22
2016/1xxx/CVE-2016-1579.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1579", "ID": "CVE-2016-1579",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

80
2016/1xxx/CVE-2016-1771.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1771", "ID": "CVE-2016-1771",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site." "value": "The Downloads feature in Apple Safari before 9.1 mishandles file expansion, which allows remote attackers to cause a denial of service via a crafted web site."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT206171", "name": "1035354",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT206171" "url": "http://www.securitytracker.com/id/1035354"
}, },
{ {
"name" : "APPLE-SA-2016-03-21-6", "name": "APPLE-SA-2016-03-21-6",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html" "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00005.html"
}, },
{ {
"name" : "85055", "name": "85055",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/85055" "url": "http://www.securityfocus.com/bid/85055"
}, },
{ {
"name" : "1035354", "name": "https://support.apple.com/HT206171",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1035354" "url": "https://support.apple.com/HT206171"
} }
] ]
} }

98
2016/4xxx/CVE-2016-4130.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4130", "ID": "CVE-2016-4130",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "name": "1036117",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" "url": "http://www.securitytracker.com/id/1036117"
}, },
{ {
"name" : "MS16-083", "name": "MS16-083",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083"
}, },
{ {
"name" : "RHSA-2016:1238", "name": "openSUSE-SU-2016:1625",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "https://access.redhat.com/errata/RHSA-2016:1238" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
}, },
{ {
"name" : "SUSE-SU-2016:1613", "name": "RHSA-2016:1238",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" "url": "https://access.redhat.com/errata/RHSA-2016:1238"
}, },
{ {
"name" : "openSUSE-SU-2016:1621", "name": "openSUSE-SU-2016:1621",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
}, },
{ {
"name" : "openSUSE-SU-2016:1625", "name": "SUSE-SU-2016:1613",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
}, },
{ {
"name" : "1036117", "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036117" "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
} }
] ]
} }

116
2016/4xxx/CVE-2016-4626.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4626", "ID": "CVE-2016-4626",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors." "value": "IOHIDFamily in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT206902", "name": "1036344",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT206902" "url": "http://www.securitytracker.com/id/1036344"
}, },
{ {
"name" : "https://support.apple.com/HT206903", "name": "APPLE-SA-2016-07-18-4",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "https://support.apple.com/HT206903" "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"
}, },
{ {
"name" : "https://support.apple.com/HT206904", "name": "APPLE-SA-2016-07-18-3",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "https://support.apple.com/HT206904" "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"
}, },
{ {
"name" : "https://support.apple.com/HT206905", "name": "APPLE-SA-2016-07-18-2",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "https://support.apple.com/HT206905" "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
}, },
{ {
"name" : "APPLE-SA-2016-07-18-1", "name": "91834",
"refsource" : "APPLE", "refsource": "BID",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" "url": "http://www.securityfocus.com/bid/91834"
}, },
{ {
"name" : "APPLE-SA-2016-07-18-2", "name": "APPLE-SA-2016-07-18-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
}, },
{ {
"name" : "APPLE-SA-2016-07-18-3", "name": "https://support.apple.com/HT206905",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" "url": "https://support.apple.com/HT206905"
}, },
{ {
"name" : "APPLE-SA-2016-07-18-4", "name": "https://support.apple.com/HT206903",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" "url": "https://support.apple.com/HT206903"
}, },
{ {
"name" : "91834", "name": "https://support.apple.com/HT206902",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/91834" "url": "https://support.apple.com/HT206902"
}, },
{ {
"name" : "1036344", "name": "https://support.apple.com/HT206904",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036344" "url": "https://support.apple.com/HT206904"
} }
] ]
} }

80
2016/4xxx/CVE-2016-4845.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4845", "ID": "CVE-2016-4845",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content." "value": "Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.iodata.jp/support/information/2016/hvl-a_csrf/", "name": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.iodata.jp/support/information/2016/hvl-a_csrf/" "url": "http://www.iodata.jp/support/information/2016/hvl-a_csrf/"
}, },
{ {
"name" : "JVN#35062083", "name": "JVNDB-2016-000134",
"refsource" : "JVN", "refsource": "JVNDB",
"url" : "http://jvn.jp/en/jp/JVN35062083/index.html" "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134"
}, },
{ {
"name" : "JVNDB-2016-000134", "name": "92352",
"refsource" : "JVNDB", "refsource": "BID",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000134" "url": "http://www.securityfocus.com/bid/92352"
}, },
{ {
"name" : "92352", "name": "JVN#35062083",
"refsource" : "BID", "refsource": "JVN",
"url" : "http://www.securityfocus.com/bid/92352" "url": "http://jvn.jp/en/jp/JVN35062083/index.html"
} }
] ]
} }

74
2016/4xxx/CVE-2016-4883.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4883", "ID": "CVE-2016-4883",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "baserCMS", "product_name": "baserCMS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 3.0.10 and earlier" "version_value": "version 3.0.10 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "baserCMS Users Community" "vendor_name": "baserCMS Users Community"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Cross-site scripting vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting" "value": "Cross-site scripting"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://basercms.net/security/JVN92765814", "name": "http://basercms.net/security/JVN92765814",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://basercms.net/security/JVN92765814" "url": "http://basercms.net/security/JVN92765814"
}, },
{ {
"name" : "JVN#92765814", "name": "JVN#92765814",
"refsource" : "JVN", "refsource": "JVN",
"url" : "https://jvn.jp/en/jp/JVN92765814/index.html" "url": "https://jvn.jp/en/jp/JVN92765814/index.html"
}, },
{ {
"name" : "93217", "name": "93217",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/93217" "url": "http://www.securityfocus.com/bid/93217"
} }
] ]
} }

128
2016/5xxx/CVE-2016-5146.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5146", "ID": "CVE-2016-5146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." "value": "Multiple unspecified vulnerabilities in Google Chrome before 52.0.2743.116 allow attackers to cause a denial of service or possibly have other impact via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html", "name": "https://crbug.com/633310",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html" "url": "https://crbug.com/633310"
}, },
{ {
"name" : "https://crbug.com/620277", "name": "https://crbug.com/620277",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://crbug.com/620277" "url": "https://crbug.com/620277"
}, },
{ {
"name" : "https://crbug.com/620766", "name": "92276",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://crbug.com/620766" "url": "http://www.securityfocus.com/bid/92276"
}, },
{ {
"name" : "https://crbug.com/633310", "name": "openSUSE-SU-2016:1983",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://crbug.com/633310" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html"
}, },
{ {
"name" : "https://crbug.com/633486", "name": "RHSA-2016:1580",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://crbug.com/633486" "url": "http://rhn.redhat.com/errata/RHSA-2016-1580.html"
}, },
{ {
"name" : "DSA-3645", "name": "1036547",
"refsource" : "DEBIAN", "refsource": "SECTRACK",
"url" : "http://www.debian.org/security/2016/dsa-3645" "url": "http://www.securitytracker.com/id/1036547"
}, },
{ {
"name" : "GLSA-201610-09", "name": "GLSA-201610-09",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201610-09" "url": "https://security.gentoo.org/glsa/201610-09"
}, },
{ {
"name" : "RHSA-2016:1580", "name": "http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1580.html" "url": "http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html"
}, },
{ {
"name" : "openSUSE-SU-2016:1982", "name": "https://crbug.com/633486",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html" "url": "https://crbug.com/633486"
}, },
{ {
"name" : "openSUSE-SU-2016:1983", "name": "openSUSE-SU-2016:1982",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.html"
}, },
{ {
"name" : "92276", "name": "DSA-3645",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/92276" "url": "http://www.debian.org/security/2016/dsa-3645"
}, },
{ {
"name" : "1036547", "name": "https://crbug.com/620766",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036547" "url": "https://crbug.com/620766"
} }
] ]
} }

116
2016/5xxx/CVE-2016-5300.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5300", "ID": "CVE-2016-5300",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876." "value": "The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160604 Re: expat hash collision fix too predictable?", "name": "https://www.tenable.com/security/tns-2016-20",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/04/5" "url": "https://www.tenable.com/security/tns-2016-20"
}, },
{ {
"name" : "[oss-security] 20160604 Re: expat hash collision fix too predictable?", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2016/06/04/4" "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "name": "[oss-security] 20160604 Re: expat hash collision fix too predictable?",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" "url": "http://www.openwall.com/lists/oss-security/2016/06/04/4"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2016-11-01.html", "name": "DSA-3597",
"refsource" : "CONFIRM", "refsource": "DEBIAN",
"url" : "https://source.android.com/security/bulletin/2016-11-01.html" "url": "http://www.debian.org/security/2016/dsa-3597"
}, },
{ {
"name" : "https://www.tenable.com/security/tns-2016-20", "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.tenable.com/security/tns-2016-20" "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "name": "91159",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "url": "http://www.securityfocus.com/bid/91159"
}, },
{ {
"name" : "DSA-3597", "name": "GLSA-201701-21",
"refsource" : "DEBIAN", "refsource": "GENTOO",
"url" : "http://www.debian.org/security/2016/dsa-3597" "url": "https://security.gentoo.org/glsa/201701-21"
}, },
{ {
"name" : "GLSA-201701-21", "name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201701-21" "url": "https://source.android.com/security/bulletin/2016-11-01.html"
}, },
{ {
"name" : "USN-3010-1", "name": "USN-3010-1",
"refsource" : "UBUNTU", "refsource": "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-3010-1" "url": "http://www.ubuntu.com/usn/USN-3010-1"
}, },
{ {
"name" : "91159", "name": "[oss-security] 20160604 Re: expat hash collision fix too predictable?",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/91159" "url": "http://www.openwall.com/lists/oss-security/2016/06/04/5"
} }
] ]
} }

74
2016/5xxx/CVE-2016-5622.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5622", "ID": "CVE-2016-5622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers to affect confidentiality and integrity via vectors related to INFRA." "value": "Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial Services Applications 11.3.0, 11.4.0, 12.0.1 through 12.0.3, 12.1.0, and 12.2.0 allows remote attackers to affect confidentiality and integrity via vectors related to INFRA."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "name": "1037049",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "url": "http://www.securitytracker.com/id/1037049"
}, },
{ {
"name" : "93666", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/93666" "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
}, },
{ {
"name" : "1037049", "name": "93666",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1037049" "url": "http://www.securityfocus.com/bid/93666"
} }
] ]
} }

22
2019/0xxx/CVE-2019-0139.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0139", "ID": "CVE-2019-0139",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/0xxx/CVE-2019-0341.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0341", "ID": "CVE-2019-0341",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/0xxx/CVE-2019-0715.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0715", "ID": "CVE-2019-0715",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/0xxx/CVE-2019-0976.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0976", "ID": "CVE-2019-0976",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

72
2019/1003xxx/CVE-2019-1003028.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED" : "2019-02-19T22:20:51.848853", "DATE_ASSIGNED": "2019-02-19T22:20:51.848853",
"ID" : "CVE-2019-1003028", "ID": "CVE-2019-1003028",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins JMS Messaging Plugin", "product_name": "Jenkins JMS Messaging Plugin",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.1.1 and earlier" "version_value": "1.1.1 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins project" "vendor_name": "Jenkins project"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A server-side request forgery vulnerability exists in Jenkins JMS Messaging Plugin 1.1.1 and earlier in SSLCertificateAuthenticationMethod.java, UsernameAuthenticationMethod.java that allows attackers with Overall/Read permission to have Jenkins connect to a JMS endpoint." "value": "A server-side request forgery vulnerability exists in Jenkins JMS Messaging Plugin 1.1.1 and earlier in SSLCertificateAuthenticationMethod.java, UsernameAuthenticationMethod.java that allows attackers with Overall/Read permission to have Jenkins connect to a JMS endpoint."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-441, CWE-918, CWE-352" "value": "CWE-441, CWE-918, CWE-352"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1033", "name": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1033",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1033" "url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-1033"
}, },
{ {
"name" : "107295", "name": "107295",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/107295" "url": "http://www.securityfocus.com/bid/107295"
} }
] ]
} }

22
2019/1xxx/CVE-2019-1828.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1828", "ID": "CVE-2019-1828",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3226.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3226", "ID": "CVE-2019-3226",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3503.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3503", "ID": "CVE-2019-3503",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3612.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3612", "ID": "CVE-2019-3612",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3771.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3771", "ID": "CVE-2019-3771",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4217.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4217", "ID": "CVE-2019-4217",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4264.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4264", "ID": "CVE-2019-4264",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4476.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4476", "ID": "CVE-2019-4476",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/4xxx/CVE-2019-4700.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4700", "ID": "CVE-2019-4700",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/7xxx/CVE-2019-7984.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7984", "ID": "CVE-2019-7984",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8014.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8014", "ID": "CVE-2019-8014",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8250.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8250", "ID": "CVE-2019-8250",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8562.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8562", "ID": "CVE-2019-8562",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8835.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8835", "ID": "CVE-2019-8835",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/9xxx/CVE-2019-9234.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9234", "ID": "CVE-2019-9234",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/9xxx/CVE-2019-9506.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9506", "ID": "CVE-2019-9506",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2019/9xxx/CVE-2019-9587.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9587", "ID": "CVE-2019-9587",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree." "value": "There is a stack consumption issue in md5Round1() located in Decrypt.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. This is related to Catalog::countPageTree."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41263", "name": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41263",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41263" "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41263"
}, },
{ {
"name" : "https://research.loginsoft.com/bugs/stack-based-buffer-overflow-vulnerability-in-function-md5round1-xpdf-4-01/", "name": "https://research.loginsoft.com/bugs/stack-based-buffer-overflow-vulnerability-in-function-md5round1-xpdf-4-01/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://research.loginsoft.com/bugs/stack-based-buffer-overflow-vulnerability-in-function-md5round1-xpdf-4-01/" "url": "https://research.loginsoft.com/bugs/stack-based-buffer-overflow-vulnerability-in-function-md5round1-xpdf-4-01/"
} }
] ]
} }

62
2019/9xxx/CVE-2019-9688.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9688", "ID": "CVE-2019-9688",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "sftnow through 2018-12-29 allows index.php?g=Admin&m=User&a=add_post CSRF to add an admin account." "value": "sftnow through 2018-12-29 allows index.php?g=Admin&m=User&a=add_post CSRF to add an admin account."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/forgeekscn/sftnow/issues/6", "name": "https://github.com/forgeekscn/sftnow/issues/6",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/forgeekscn/sftnow/issues/6" "url": "https://github.com/forgeekscn/sftnow/issues/6"
} }
] ]
} }

22
2019/9xxx/CVE-2019-9803.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9803", "ID": "CVE-2019-9803",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }