admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:53:18 +00:00
parent 487dd7881a
commit 6f9862a0e6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 3770 additions and 3770 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
1999/0xxx/CVE-1999-0103.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0103", "ID": "CVE-1999-0103",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01" "lang": "eng",
} "value": "Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-233-01"
}
]
}
}

120
1999/0xxx/CVE-1999-0746.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0746", "ID": "CVE-1999-0746",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "587", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/587" "lang": "eng",
} "value": "A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "587",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/587"
}
]
}
}

150
2000/0xxx/CVE-2000-0203.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0203", "ID": "CVE-2000-0203",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000228 Re: TrendMicro OfficeScan tmlisten.exe DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=412FC0AFD62ED31191B40008C7E9A11A0D481D@srvnt04.previnet.it" "lang": "eng",
}, "value": "The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345."
{ }
"name" : "20000315 Trend Micro release patch for \"OfficeScan DoS & Message Replay\" V ulnerabilies", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=D129BBE1730AD2118A0300805FC1C2FE038AF28B@209-76-212-10.trendmicro.com" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.antivirus.com/download/ofce_patch_35.htm", "description": [
"refsource" : "MISC", {
"url" : "http://www.antivirus.com/download/ofce_patch_35.htm" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1013", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1013" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20000315 Trend Micro release patch for \"OfficeScan DoS & Message Replay\" V ulnerabilies",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=D129BBE1730AD2118A0300805FC1C2FE038AF28B@209-76-212-10.trendmicro.com"
},
{
"name": "http://www.antivirus.com/download/ofce_patch_35.htm",
"refsource": "MISC",
"url": "http://www.antivirus.com/download/ofce_patch_35.htm"
},
{
"name": "20000228 Re: TrendMicro OfficeScan tmlisten.exe DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=412FC0AFD62ED31191B40008C7E9A11A0D481D@srvnt04.previnet.it"
},
{
"name": "1013",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1013"
}
]
}
}

140
2000/0xxx/CVE-2000-0275.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0275", "ID": "CVE-2000-0275",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000410 CRYPTOCard PalmToken PIN Extraction", "description_data": [
"refsource" : "L0PHT", {
"url" : "http://www.l0pht.com/advisories/cc-pinextract.txt" "lang": "eng",
}, "value": "CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN."
{ }
"name" : "20000410 CRYPTOAdmin 4.1 server with PalmPilot PT-1 token 1.04 PIN Extract ion", ]
"refsource" : "BUGTRAQ", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0033.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1097", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1097" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20000410 CRYPTOAdmin 4.1 server with PalmPilot PT-1 token 1.04 PIN Extract ion",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0033.html"
},
{
"name": "1097",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1097"
},
{
"name": "20000410 CRYPTOCard PalmToken PIN Extraction",
"refsource": "L0PHT",
"url": "http://www.l0pht.com/advisories/cc-pinextract.txt"
}
]
}
}

150
2000/0xxx/CVE-2000-0455.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0455", "ID": "CVE-2000-0455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000529 Initialized Data Overflow in Xlock", "description_data": [
"refsource" : "NAI", {
"url" : "http://www.nai.com/nai_labs/asp_set/advisory/41initialized.asp" "lang": "eng",
}, "value": "Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option."
{ }
"name" : "NetBSD-SA2000-003", ]
"refsource" : "NETBSD", },
"url" : "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-003.txt.asc" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TLSA2000012-1", "description": [
"refsource" : "TURBO", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0375.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1267", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1267" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20000529 Initialized Data Overflow in Xlock",
"refsource": "NAI",
"url": "http://www.nai.com/nai_labs/asp_set/advisory/41initialized.asp"
},
{
"name": "1267",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1267"
},
{
"name": "NetBSD-SA2000-003",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-003.txt.asc"
},
{
"name": "TLSA2000012-1",
"refsource": "TURBO",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0375.html"
}
]
}
}

150
2000/0xxx/CVE-2000-0457.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0457", "ID": "CVE-2000-0457",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the \".HTR File Fragment Reading\" or \"File Fragment Reading via .HTR\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000511 Alert: IIS ism.dll exposes file contents", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=95810120719608&w=2" "lang": "eng",
}, "value": "ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the \".HTR File Fragment Reading\" or \"File Fragment Reading via .HTR\" vulnerability."
{ }
"name" : "MS00-031", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1193", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1193" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "iis-ism-file-access(4448)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4448" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20000511 Alert: IIS ism.dll exposes file contents",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=95810120719608&w=2"
},
{
"name": "MS00-031",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-031"
},
{
"name": "iis-ism-file-access(4448)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4448"
},
{
"name": "1193",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1193"
}
]
}
}

140
2000/0xxx/CVE-2000-0726.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0726", "ID": "CVE-2000-0726",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000829 Stalker's CGImail Gives Read Access to All Server Files", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000829194618.H7744@thathost.com" "lang": "eng",
}, "value": "CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable."
{ }
"name" : "1623", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1623" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "mailers-cgimail-spoof(5165)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5165" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "mailers-cgimail-spoof(5165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5165"
},
{
"name": "1623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1623"
},
{
"name": "20000829 Stalker's CGImail Gives Read Access to All Server Files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000829194618.H7744@thathost.com"
}
]
}
}

160
2007/0xxx/CVE-2007-0313.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0313", "ID": "CVE-2007-0313",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[gosa] 20070115 GOsa 2.5.8 released (security fixes!)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://oss.gonicus.de/pipermail/gosa/2007-January/002650.html" "lang": "eng",
}, "value": "Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests."
{ }
"name" : "ADV-2007-0207", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/0207" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32821", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32821" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23749", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23749" ]
}, },
{ "references": {
"name" : "gosa-unspecified-data-manipulation(31516)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31516" "name": "ADV-2007-0207",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/0207"
} },
} {
"name": "23749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23749"
},
{
"name": "gosa-unspecified-data-manipulation(31516)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31516"
},
{
"name": "32821",
"refsource": "OSVDB",
"url": "http://osvdb.org/32821"
},
{
"name": "[gosa] 20070115 GOsa 2.5.8 released (security fixes!)",
"refsource": "MLIST",
"url": "http://oss.gonicus.de/pipermail/gosa/2007-January/002650.html"
}
]
}
}

140
2007/1xxx/CVE-2007-1492.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1492", "ID": "CVE-2007-1492",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "winmm.dll in Microsoft Windows XP allows user-assisted remote attackers to cause a denial of service (infinite loop) via a large cch argument value to the mmioRead function, as demonstrated by a crafted WAV file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070310 Windows Multimedia mmioRead Denial of Service Vulnerability", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0063.html" "lang": "eng",
}, "value": "winmm.dll in Microsoft Windows XP allows user-assisted remote attackers to cause a denial of service (infinite loop) via a large cch argument value to the mmioRead function, as demonstrated by a crafted WAV file."
{ }
"name" : "22938", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22938" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34101", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34101" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20070310 Windows Multimedia mmioRead Denial of Service Vulnerability",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0063.html"
},
{
"name": "22938",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22938"
},
{
"name": "34101",
"refsource": "OSVDB",
"url": "http://osvdb.org/34101"
}
]
}
}

180
2007/1xxx/CVE-2007-1763.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1763", "ID": "CVE-2007-1763",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070325 Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0077.html" "lang": "eng",
}, "value": "The ATI kernel driver (atikmdag.sys) in Microsoft Windows Vista allows user-assisted remote attackers to cause a denial of service (crash) via a crafted JPG image, as demonstrated by a slideshow, possibly due to a buffer overflow."
{ }
"name" : "http://securityvulns.com/news/Microsoft/Vista/ATI.html", ]
"refsource" : "MISC", },
"url" : "http://securityvulns.com/news/Microsoft/Vista/ATI.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://leovilletownsquare.com/fusionbb/showtopic.php?fid/27/tid/17600/", "description": [
"refsource" : "MISC", {
"url" : "http://leovilletownsquare.com/fusionbb/showtopic.php?fid/27/tid/17600/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1160", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1160" ]
}, },
{ "references": {
"name" : "33635", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/33635" "name": "win-atikmdag-dos(33300)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33300"
"name" : "24667", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24667" "name": "20070325 Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability",
}, "refsource": "VULNWATCH",
{ "url": "http://archives.neohapsis.com/archives/vulnwatch/2007-q1/0077.html"
"name" : "win-atikmdag-dos(33300)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33300" "name": "ADV-2007-1160",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/1160"
} },
} {
"name": "24667",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24667"
},
{
"name": "http://leovilletownsquare.com/fusionbb/showtopic.php?fid/27/tid/17600/",
"refsource": "MISC",
"url": "http://leovilletownsquare.com/fusionbb/showtopic.php?fid/27/tid/17600/"
},
{
"name": "33635",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33635"
},
{
"name": "http://securityvulns.com/news/Microsoft/Vista/ATI.html",
"refsource": "MISC",
"url": "http://securityvulns.com/news/Microsoft/Vista/ATI.html"
}
]
}
}

34
2007/1xxx/CVE-2007-1857.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1857", "ID": "CVE-2007-1857",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2007/1xxx/CVE-2007-1913.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1913", "ID": "CVE-2007-1913",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070404 CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464669/100/0/threaded" "lang": "eng",
}, "value": "The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended."
{ }
"name" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf", ]
"refsource" : "MISC", },
"url" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23305", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/23305" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-1270", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/1270" ]
}, },
{ "references": {
"name" : "24722", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24722" "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf",
}, "refsource": "MISC",
{ "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_TRUSTED_SYSTEM_SECURITY_RFC_Function_Information_Disclosure.pdf"
"name" : "2535", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2535" "name": "23305",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23305"
"name" : "sap-rfc-syssecurity-information-disclosure(33423)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33423" "name": "20070404 CYBSEC Pre-Advisory: SAP TRUSTED_SYSTEM_SECURITY RFC Function Information Disclosure",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/464669/100/0/threaded"
} },
} {
"name": "24722",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24722"
},
{
"name": "sap-rfc-syssecurity-information-disclosure(33423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33423"
},
{
"name": "ADV-2007-1270",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1270"
},
{
"name": "2535",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2535"
}
]
}
}

150
2007/1xxx/CVE-2007-1971.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1971", "ID": "CVE-2007-1971",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi 2007 allows remote attackers to execute arbitrary SQL commands via the query string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070404 Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464738/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in fotokategori.asp in Gazi Okul Sitesi 2007 allows remote attackers to execute arbitrary SQL commands via the query string."
{ }
"name" : "23316", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23316" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35266", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35266" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2547", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2547" ]
} },
] "references": {
} "reference_data": [
} {
"name": "35266",
"refsource": "OSVDB",
"url": "http://osvdb.org/35266"
},
{
"name": "23316",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23316"
},
{
"name": "2547",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2547"
},
{
"name": "20070404 Gazi Okul Sitesi 2007(tr)(fotokategori.asp) Remote SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464738/100/0/threaded"
}
]
}
}

160
2007/5xxx/CVE-2007-5713.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5713", "ID": "CVE-2007-5713",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.alliedmods.net/?do=details&task_id=519", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugs.alliedmods.net/?do=details&task_id=519" "lang": "eng",
}, "value": "Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow."
{ }
"name" : "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes", ]
"refsource" : "CONFIRM", },
"url" : "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26218", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26218" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "41980", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/41980" ]
}, },
{ "references": {
"name" : "27411", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27411" "name": "41980",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/41980"
} },
} {
"name": "http://bugs.alliedmods.net/?do=details&task_id=519",
"refsource": "CONFIRM",
"url": "http://bugs.alliedmods.net/?do=details&task_id=519"
},
{
"name": "26218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26218"
},
{
"name": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes",
"refsource": "CONFIRM",
"url": "http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes"
},
{
"name": "27411",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27411"
}
]
}
}

190
2015/3xxx/CVE-2015-3079.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-3079", "ID": "CVE-2015-3079",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html" "lang": "eng",
}, "value": "Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors."
{ }
"name" : "GLSA-201505-02", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201505-02" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:1005", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1005.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2015:0878", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:0890", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html" "name": "1032285",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032285"
"name" : "openSUSE-SU-2015:0914", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html" "name": "SUSE-SU-2015:0878",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html"
"name" : "74612", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74612" "name": "74612",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/74612"
"name" : "1032285", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032285" "name": "openSUSE-SU-2015:0890",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html"
} },
} {
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-09.html"
},
{
"name": "GLSA-201505-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201505-02"
},
{
"name": "openSUSE-SU-2015:0914",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html"
},
{
"name": "RHSA-2015:1005",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1005.html"
}
]
}
}

310
2015/3xxx/CVE-2015-3145.json
View File

@ -1,157 +1,157 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3145", "ID": "CVE-2015-3145",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://curl.haxx.se/docs/adv_20150422C.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://curl.haxx.se/docs/adv_20150422C.html" "lang": "eng",
}, "value": "The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character."
{ }
"name" : "http://advisories.mageia.org/MGASA-2015-0179.html", ]
"refsource" : "CONFIRM", },
"url" : "http://advisories.mageia.org/MGASA-2015-0179.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/kb/HT205031", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" "name": "74303",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/74303"
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743", },
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743" "name": "FEDORA-2015-6853",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "name": "DSA-3232",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3232"
"name" : "APPLE-SA-2015-08-13-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "name": "http://curl.haxx.se/docs/adv_20150422C.html",
}, "refsource": "CONFIRM",
{ "url": "http://curl.haxx.se/docs/adv_20150422C.html"
"name" : "DSA-3232", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3232" "name": "FEDORA-2015-6712",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html"
"name" : "FEDORA-2015-6695", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html" "name": "MDVSA-2015:219",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219"
"name" : "FEDORA-2015-6728", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html" "name": "USN-2591-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2591-1"
"name" : "FEDORA-2015-6853", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157188.html" "name": "1032232",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032232"
"name" : "FEDORA-2015-6864", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html" "name": "APPLE-SA-2015-08-13-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"name" : "FEDORA-2015-6712", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156250.html" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name" : "GLSA-201509-02", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201509-02" "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743",
}, "refsource": "CONFIRM",
{ "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743"
"name" : "MDVSA-2015:219", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:219" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
"name" : "openSUSE-SU-2015:0799", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html" "name": "openSUSE-SU-2015:0799",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00057.html"
"name" : "USN-2591-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2591-1" "name": "http://advisories.mageia.org/MGASA-2015-0179.html",
}, "refsource": "CONFIRM",
{ "url": "http://advisories.mageia.org/MGASA-2015-0179.html"
"name" : "74303", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74303" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
"name" : "1032232", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032232" "name": "https://support.apple.com/kb/HT205031",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/kb/HT205031"
} },
} {
"name": "GLSA-201509-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201509-02"
},
{
"name": "FEDORA-2015-6728",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157017.html"
},
{
"name": "FEDORA-2015-6695",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155957.html"
},
{
"name": "FEDORA-2015-6864",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156945.html"
}
]
}
}

150
2015/3xxx/CVE-2015-3360.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3360", "ID": "CVE-2015-3360",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "https://www.drupal.org/node/2407315", ]
"refsource" : "MISC", },
"url" : "https://www.drupal.org/node/2407315" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2406869", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2406869" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "72113", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/72113" ]
} },
] "references": {
} "reference_data": [
} {
"name": "72113",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72113"
},
{
"name": "https://www.drupal.org/node/2407315",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2407315"
},
{
"name": "https://www.drupal.org/node/2406869",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2406869"
},
{
"name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/6"
}
]
}
}

170
2015/3xxx/CVE-2015-3443.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3443", "ID": "CVE-2015-3443",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the password mask."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150624 CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/535821/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the basic dashboard in Thycotic Secret Server 8.6.x, 8.7.x, and 8.8.x before 8.8.000005 allows remote authenticated users to inject arbitrary web script or HTML via a password entry, which is not properly handled when toggling the password mask."
{ }
"name" : "37394", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/37394/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20150624 CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2015/Jun/78" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.csnc.ch/misc/files/advisories/CVE-2015-3443_Thycotic_Secret_Server_XSS.TXT", ]
"refsource" : "MISC", }
"url" : "http://www.csnc.ch/misc/files/advisories/CVE-2015-3443_Thycotic_Secret_Server_XSS.TXT" ]
}, },
{ "references": {
"name" : "http://thycotic.com/products/secret-server/resources/advisories/thy-ss-004/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://thycotic.com/products/secret-server/resources/advisories/thy-ss-004/" "name": "20150624 CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/535821/100/0/threaded"
"name" : "75393", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75393" "name": "75393",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/75393"
} },
} {
"name": "20150624 CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jun/78"
},
{
"name": "http://thycotic.com/products/secret-server/resources/advisories/thy-ss-004/",
"refsource": "CONFIRM",
"url": "http://thycotic.com/products/secret-server/resources/advisories/thy-ss-004/"
},
{
"name": "http://www.csnc.ch/misc/files/advisories/CVE-2015-3443_Thycotic_Secret_Server_XSS.TXT",
"refsource": "MISC",
"url": "http://www.csnc.ch/misc/files/advisories/CVE-2015-3443_Thycotic_Secret_Server_XSS.TXT"
},
{
"name": "37394",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37394/"
}
]
}
}

590
2015/3xxx/CVE-2015-3456.json
View File

@ -1,297 +1,297 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3456", "ID": "CVE-2015-3456",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "37053", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/37053/" "lang": "eng",
}, "value": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM."
{ }
"name" : "http://venom.crowdstrike.com/", ]
"refsource" : "MISC", },
"url" : "http://venom.crowdstrike.com/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://xenbits.xen.org/xsa/advisory-133.html", ]
"refsource" : "CONFIRM", }
"url" : "http://xenbits.xen.org/xsa/advisory-133.html" ]
}, },
{ "references": {
"name" : "https://access.redhat.com/articles/1444903", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://access.redhat.com/articles/1444903" "name": "37053",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/37053/"
"name" : "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/", },
"refsource" : "CONFIRM", {
"url" : "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/" "name": "1032306",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032306"
"name" : "https://www.suse.com/security/cve/CVE-2015-3456.html", },
"refsource" : "CONFIRM", {
"url" : "https://www.suse.com/security/cve/CVE-2015-3456.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10118", },
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10118" "name": "SUSE-SU-2015:0889",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "name": "https://kb.juniper.net/JSA10783",
}, "refsource": "CONFIRM",
{ "url": "https://kb.juniper.net/JSA10783"
"name" : "https://support.lenovo.com/us/en/product_security/venom", },
"refsource" : "CONFIRM", {
"url" : "https://support.lenovo.com/us/en/product_security/venom" "name": "DSA-3259",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3259"
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm", },
"refsource" : "CONFIRM", {
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm" "name": "SUSE-SU-2015:0929",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693", },
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693" "name": "SUSE-SU-2015:0896",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
"name" : "http://support.citrix.com/article/CTX201078", },
"refsource" : "CONFIRM", {
"url" : "http://support.citrix.com/article/CTX201078" "name": "GLSA-201612-27",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201612-27"
"name" : "https://bto.bluecoat.com/security-advisory/sa95", },
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa95" "name": "RHSA-2015:0999",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0999.html"
"name" : "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability", },
"refsource" : "CONFIRM", {
"url" : "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability" "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10118",
}, "refsource": "CONFIRM",
{ "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10118"
"name" : "https://kb.juniper.net/JSA10783", },
"refsource" : "CONFIRM", {
"url" : "https://kb.juniper.net/JSA10783" "name": "SUSE-SU-2015:0923",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
"name" : "DSA-3274", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3274" "name": "RHSA-2015:1001",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1001.html"
"name" : "DSA-3259", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3259" "name": "HPSBMU03336",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=143229451215900&w=2"
"name" : "DSA-3262", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3262" "name": "http://support.citrix.com/article/CTX201078",
}, "refsource": "CONFIRM",
{ "url": "http://support.citrix.com/article/CTX201078"
"name" : "FEDORA-2015-8249", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html" "name": "http://xenbits.xen.org/xsa/advisory-133.html",
}, "refsource": "CONFIRM",
{ "url": "http://xenbits.xen.org/xsa/advisory-133.html"
"name" : "GLSA-201602-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201602-01" "name": "RHSA-2015:1003",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1003.html"
"name" : "GLSA-201604-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201604-03" "name": "openSUSE-SU-2015:0893",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
"name" : "GLSA-201612-27", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-27" "name": "1032917",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032917"
"name" : "HPSBMU03336", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=143229451215900&w=2" "name": "HPSBMU03349",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=143387998230996&w=2"
"name" : "SSRT102076", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=143229451215900&w=2" "name": "RHSA-2015:0998",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-0998.html"
"name" : "HPSBMU03349", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=143387998230996&w=2" "name": "https://www.suse.com/security/cve/CVE-2015-3456.html",
}, "refsource": "CONFIRM",
{ "url": "https://www.suse.com/security/cve/CVE-2015-3456.html"
"name" : "RHSA-2015:0998", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0998.html" "name": "openSUSE-SU-2015:0894",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
"name" : "RHSA-2015:0999", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0999.html" "name": "FEDORA-2015-8249",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158072.html"
"name" : "RHSA-2015:1000", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1000.html" "name": "https://bto.bluecoat.com/security-advisory/sa95",
}, "refsource": "CONFIRM",
{ "url": "https://bto.bluecoat.com/security-advisory/sa95"
"name" : "RHSA-2015:1001", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1001.html" "name": "RHSA-2015:1004",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1004.html"
"name" : "RHSA-2015:1002", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1002.html" "name": "http://venom.crowdstrike.com/",
}, "refsource": "MISC",
{ "url": "http://venom.crowdstrike.com/"
"name" : "RHSA-2015:1003", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1003.html" "name": "RHSA-2015:1011",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1011.html"
"name" : "RHSA-2015:1004", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1004.html" "name": "https://support.lenovo.com/us/en/product_security/venom",
}, "refsource": "CONFIRM",
{ "url": "https://support.lenovo.com/us/en/product_security/venom"
"name" : "RHSA-2015:1011", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1011.html" "name": "SUSE-SU-2015:0927",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
"name" : "SUSE-SU-2015:0927", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html" "name": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c",
}, "refsource": "CONFIRM",
{ "url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c"
"name" : "SUSE-SU-2015:0929", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html" "name": "GLSA-201604-03",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201604-03"
"name" : "SUSE-SU-2015:0896", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html" "name": "RHSA-2015:1002",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1002.html"
"name" : "openSUSE-SU-2015:1400", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html" "name": "USN-2608-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2608-1"
"name" : "openSUSE-SU-2015:0983", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html" "name": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/",
}, "refsource": "CONFIRM",
{ "url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
"name" : "SUSE-SU-2015:0889", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html" "name": "openSUSE-SU-2015:0983",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
"name" : "openSUSE-SU-2015:0893", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html" "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693",
}, "refsource": "CONFIRM",
{ "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10693"
"name" : "openSUSE-SU-2015:0894", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html" "name": "1032311",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032311"
"name" : "SUSE-SU-2015:0923", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html" "name": "SSRT102076",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=143229451215900&w=2"
"name" : "USN-2608-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2608-1" "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm",
}, "refsource": "CONFIRM",
{ "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
"name" : "74640", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74640" "name": "DSA-3262",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3262"
"name" : "1032306", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032306" "name": "GLSA-201602-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201602-01"
"name" : "1032311", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032311" "name": "openSUSE-SU-2015:1400",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
"name" : "1032917", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032917" "name": "74640",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/74640"
} },
} {
"name": "DSA-3274",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3274"
},
{
"name": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
},
{
"name": "https://access.redhat.com/articles/1444903",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/articles/1444903"
},
{
"name": "RHSA-2015:1000",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1000.html"
}
]
}
}

34
2015/3xxx/CVE-2015-3502.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3502", "ID": "CVE-2015-3502",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2015/6xxx/CVE-2015-6268.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6268", "ID": "CVE-2015-6268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150826 Cisco ASR 1000 Series Aggregation Services Routers Crafted UDP Packet DoS Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40685" "lang": "eng",
}, "value": "Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted IPv4 UDP packet, aka Bug ID CSCsw95482."
{ }
"name" : "1033406", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033406" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033406",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033406"
},
{
"name": "20150826 Cisco ASR 1000 Series Aggregation Services Routers Crafted UDP Packet DoS Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40685"
}
]
}
}

34
2015/7xxx/CVE-2015-7506.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7506", "ID": "CVE-2015-7506",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2015/7xxx/CVE-2015-7671.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7671", "ID": "CVE-2015-7671",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2015/7xxx/CVE-2015-7874.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7874", "ID": "CVE-2015-7874",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2015/7xxx/CVE-2015-7902.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-7902", "ID": "CVE-2015-7902",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02" "lang": "eng",
} "value": "Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02"
}
]
}
}

130
2015/7xxx/CVE-2015-7912.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-7912", "ID": "CVE-2015-7912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Ice Faces servlet in ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-15-571/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-15-571/" "lang": "eng",
}, "value": "The Ice Faces servlet in ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate before 5.30.06 allows remote attackers to upload and execute arbitrary Java code via a crafted XML document."
{ }
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-323-01", ]
"refsource" : "MISC", },
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-323-01" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://zerodayinitiative.com/advisories/ZDI-15-571/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-15-571/"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-323-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-323-01"
}
]
}
}

142
2015/8xxx/CVE-2015-8593.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-8593", "ID": "CVE-2015-8593",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430" "version_value": "MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer Copy without Checking Size of Input in 1x"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-07-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-07-01" "lang": "eng",
}, "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing."
{ }
"name" : "https://source.android.com/security/bulletin/2018-04-01", ]
"refsource" : "CONFIRM", },
"url" : "https://source.android.com/security/bulletin/2018-04-01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "103671", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103671" "lang": "eng",
} "value": "Buffer Copy without Checking Size of Input in 1x"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

34
2015/8xxx/CVE-2015-8632.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8632", "ID": "CVE-2015-8632",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2015/8xxx/CVE-2015-8735.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8735", "ID": "CVE-2015-8735",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (invalid write operation and application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-53.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-53.html" "lang": "eng",
}, "value": "The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (invalid write operation and application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11817", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11817" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83bad0215dae54e77d34f8b187900125f672366e", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83bad0215dae54e77d34f8b187900125f672366e" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201604-05", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201604-05" ]
}, },
{ "references": {
"name" : "79382", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79382" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11817",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11817"
"name" : "1034551", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034551" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83bad0215dae54e77d34f8b187900125f672366e",
} "refsource": "CONFIRM",
] "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=83bad0215dae54e77d34f8b187900125f672366e"
} },
} {
"name": "79382",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79382"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-53.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-53.html"
}
]
}
}

120
2015/8xxx/CVE-2015-8988.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2015-8988", "ID": "CVE-2015-8988",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ePO Deep Command (eDC)", "product_name": "ePO Deep Command (eDC)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.2 and 2.1" "version_value": "2.2 and 2.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel" "vendor_name": "Intel"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unquoted executable path vulnerability"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10115", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10115" "lang": "eng",
} "value": "Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unquoted executable path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10115",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10115"
}
]
}
}

132
2015/9xxx/CVE-2015-9170.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9170", "ID": "CVE-2015-9170",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850" "version_value": "MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, incorrect offset check in wv_dash_core_refresh_keys() may lead to a buffer overread."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer overread vulnerability in QTEE"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, incorrect offset check in wv_dash_core_refresh_keys() may lead to a buffer overread."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Buffer overread vulnerability in QTEE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

34
2016/0xxx/CVE-2016-0256.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-0256", "ID": "CVE-2016-0256",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2016/0xxx/CVE-2016-0381.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0381", "ID": "CVE-2016-0381",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin AdminGroups setting is empty, allows remote authenticated users to cause a denial of service (configuration outage) via a non-empty value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981936", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981936" "lang": "eng",
}, "value": "IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin AdminGroups setting is empty, allows remote authenticated users to cause a denial of service (configuration outage) via a non-empty value."
{ }
"name" : "1035930", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035930" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035930",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035930"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981936",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981936"
}
]
}
}

130
2016/0xxx/CVE-2016-0681.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0681", "ID": "CVE-2016-0681",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unspecified vectors."
{ }
"name" : "1035590", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035590" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035590",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035590"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
}
]
}
}

140
2016/1xxx/CVE-2016-1074.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1074", "ID": "CVE-2016-1074",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-322", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-322" "lang": "eng",
}, "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035828", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035828" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-322",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-322"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}

130
2016/1xxx/CVE-2016-1401.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1401", "ID": "CVE-2016-1401",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Computing System (UCS) Central Software 1.4(1a) allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuy91250."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160517 Cisco Unified Computing System Central Cross-Site Scripting Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Computing System (UCS) Central Software 1.4(1a) allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCuy91250."
{ }
"name" : "1035933", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035933" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035933",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035933"
},
{
"name": "20160517 Cisco Unified Computing System Central Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-ucs"
}
]
}
}

130
2016/1xxx/CVE-2016-1441.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1441", "ID": "CVE-2016-1441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160630 Cisco Configuration Assistant Request Processing Unauthorized Access Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160630-cca" "lang": "eng",
}, "value": "Cisco Cloud Network Automation Provisioner (CNAP) 1.0(0) in Cisco Configuration Assistant (CCA) allows remote attackers to bypass intended filesystem and administrative-endpoint restrictions via GET API calls, aka Bug ID CSCuy77145."
{ }
"name" : "91523", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91523" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160630 Cisco Configuration Assistant Request Processing Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160630-cca"
},
{
"name": "91523",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91523"
}
]
}
}

230
2016/1xxx/CVE-2016-1670.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-1670", "ID": "CVE-2016-1670",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html" "lang": "eng",
}, "value": "Race condition in the ResourceDispatcherHostImpl::BeginRequest function in content/browser/loader/resource_dispatcher_host_impl.cc in Google Chrome before 50.0.2661.102 allows remote attackers to make arbitrary HTTP requests by leveraging access to a renderer process and reusing a request ID."
{ }
"name" : "https://codereview.chromium.org/1608573002", ]
"refsource" : "CONFIRM", },
"url" : "https://codereview.chromium.org/1608573002" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://crbug.com/578882", "description": [
"refsource" : "CONFIRM", {
"url" : "https://crbug.com/578882" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3590", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3590" ]
}, },
{ "references": {
"name" : "GLSA-201605-02", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201605-02" "name": "90584",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/90584"
"name" : "RHSA-2016:1080", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1080.html" "name": "1035872",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035872"
"name" : "openSUSE-SU-2016:1655", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" "name": "RHSA-2016:1080",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1080.html"
"name" : "openSUSE-SU-2016:1304", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html" "name": "openSUSE-SU-2016:1304",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html"
"name" : "openSUSE-SU-2016:1319", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html" "name": "openSUSE-SU-2016:1655",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html"
"name" : "USN-2960-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2960-1" "name": "DSA-3590",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3590"
"name" : "90584", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90584" "name": "USN-2960-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2960-1"
"name" : "1035872", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035872" "name": "https://crbug.com/578882",
} "refsource": "CONFIRM",
] "url": "https://crbug.com/578882"
} },
} {
"name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html"
},
{
"name": "https://codereview.chromium.org/1608573002",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1608573002"
},
{
"name": "openSUSE-SU-2016:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html"
},
{
"name": "GLSA-201605-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-02"
}
]
}
}

190
2016/1xxx/CVE-2016-1939.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-1939", "ID": "CVE-2016-1939",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7208."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-04.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-04.html" "lang": "eng",
}, "value": "Mozilla Firefox before 44.0 stores cookies with names containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-7208."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233784", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1233784" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201605-06", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201605-06" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2016:0306", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:0309", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html" "name": "1034825",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034825"
"name" : "USN-2880-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2880-1" "name": "USN-2880-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2880-1"
"name" : "USN-2880-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2880-2" "name": "USN-2880-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2880-2"
"name" : "1034825", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034825" "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-04.html",
} "refsource": "CONFIRM",
] "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-04.html"
} },
} {
"name": "openSUSE-SU-2016:0309",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233784",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1233784"
},
{
"name": "GLSA-201605-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201605-06"
},
{
"name": "openSUSE-SU-2016:0306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html"
}
]
}
}

130
2016/5xxx/CVE-2016-5233.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5233", "ID": "CVE-2016-5233",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei Mate 8 smartphones with software NXT-AL10 before NXT-AL10C00B182, NXT-CL00 before NXT-CL00C92B182, NXT-DL00 before NXT-DL00C17B182, and NXT-TL00 before NXT-TL00C01B182 allow remote base stations to obtain sensitive subscriber signal strength information via vectors involving improper security status verification, aka HWPSIRT-2015-12007."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-03-smartphone-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-03-smartphone-en" "lang": "eng",
}, "value": "Huawei Mate 8 smartphones with software NXT-AL10 before NXT-AL10C00B182, NXT-CL00 before NXT-CL00C92B182, NXT-DL00 before NXT-DL00C17B182, and NXT-TL00 before NXT-TL00C01B182 allow remote base stations to obtain sensitive subscriber signal strength information via vectors involving improper security status verification, aka HWPSIRT-2015-12007."
{ }
"name" : "90792", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/90792" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "90792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90792"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-03-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-03-smartphone-en"
}
]
}
}

260
2016/5xxx/CVE-2016-5314.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5314", "ID": "CVE-2016-5314",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160615 CVE-2016-5314: libtiff 4.0.6 PixarLogDecode() out-of-bound writes", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/15/1" "lang": "eng",
}, "value": "Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr."
{ }
"name" : "[oss-security] 20160615 CVE-2016-5320: libtiff 4.0.6 rgb2ycbcr: command excution", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/06/15/9" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20160630 Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/06/30/3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2554", ]
"refsource" : "CONFIRM", }
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2554" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" "name": "DSA-3762",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2017/dsa-3762"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1346687", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1346687" "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
"name" : "https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2" "name": "openSUSE-SU-2016:3035",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00017.html"
"name" : "DSA-3762", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-3762" "name": "91195",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/91195"
"name" : "GLSA-201701-16", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-16" "name": "openSUSE-SU-2016:2321",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00060.html"
"name" : "openSUSE-SU-2016:1889", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html" "name": "[oss-security] 20160615 CVE-2016-5314: libtiff 4.0.6 PixarLogDecode() out-of-bound writes",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/06/15/1"
"name" : "openSUSE-SU-2016:2321", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00060.html" "name": "91245",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/91245"
"name" : "openSUSE-SU-2016:2375", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00090.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1346687",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1346687"
"name" : "openSUSE-SU-2016:3035", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00017.html" "name": "https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/vadz/libtiff/commit/391e77fcd217e78b2c51342ac3ddb7100ecacdd2"
"name" : "91195", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91195" "name": "GLSA-201701-16",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-16"
"name" : "91245", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91245" "name": "openSUSE-SU-2016:1889",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00087.html"
} },
} {
"name": "openSUSE-SU-2016:2375",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00090.html"
},
{
"name": "[oss-security] 20160615 CVE-2016-5320: libtiff 4.0.6 rgb2ycbcr: command excution",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/9"
},
{
"name": "[oss-security] 20160630 Re: Re: CVE request: Heap-based buffer overflow in LibTIFF when using the PixarLog compression format",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/06/30/3"
},
{
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2554",
"refsource": "CONFIRM",
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2554"
}
]
}
}

34
2016/5xxx/CVE-2016-5431.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5431", "ID": "CVE-2016-5431",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/5xxx/CVE-2016-5783.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5783", "ID": "CVE-2016-5783",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2016/5xxx/CVE-2016-5797.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-5797", "ID": "CVE-2016-5797",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of attempts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-194-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-194-01" "lang": "eng",
}, "value": "Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of attempts."
{ }
"name" : "91728", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91728" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91728",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91728"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-194-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-194-01"
}
]
}
}

132
2018/2xxx/CVE-2018-2891.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2891", "ID": "CVE-2018-2891",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Retail Bulk Data Integration", "product_name": "Retail Bulk Data Integration",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "16.0" "version_value": "16.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Retail Bulk Data Integration component of Oracle Retail Applications (subcomponent: BDI Job Scheduler). The supported version that is affected is 16.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Bulk Data Integration. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Retail Bulk Data Integration, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Bulk Data Integration accessible data as well as unauthorized read access to a subset of Oracle Retail Bulk Data Integration accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Bulk Data Integration. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Retail Bulk Data Integration, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Bulk Data Integration accessible data as well as unauthorized read access to a subset of Oracle Retail Bulk Data Integration accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Retail Bulk Data Integration component of Oracle Retail Applications (subcomponent: BDI Job Scheduler). The supported version that is affected is 16.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Bulk Data Integration. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Retail Bulk Data Integration, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Bulk Data Integration accessible data as well as unauthorized read access to a subset of Oracle Retail Bulk Data Integration accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)."
{ }
"name" : "104829", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/104829" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Bulk Data Integration. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Retail Bulk Data Integration, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Bulk Data Integration accessible data as well as unauthorized read access to a subset of Oracle Retail Bulk Data Integration accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "104829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104829"
}
]
}
}

34
2019/0xxx/CVE-2019-0152.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0152", "ID": "CVE-2019-0152",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2019/0xxx/CVE-2019-0251.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2019-0251", "ID": "CVE-2019-0251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP BusinessObjects Business Intelligence Platform (Fiori Launchpad)", "product_name": "SAP BusinessObjects Business Intelligence Platform (Fiori Launchpad)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "4.2" "version_value": "4.2"
}, },
{ {
"version_name" : "<", "version_name": "<",
"version_value" : "4.3" "version_value": "4.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2638175", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2638175" "lang": "eng",
}, "value": "The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943", ]
"refsource" : "MISC", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "106993", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106993" "lang": "eng",
} "value": "Cross-Site Scripting"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943"
},
{
"name": "106993",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106993"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2638175",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2638175"
}
]
}
}

34
2019/0xxx/CVE-2019-0496.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0496", "ID": "CVE-2019-0496",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0736.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0736", "ID": "CVE-2019-0736",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1027.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1027", "ID": "CVE-2019-1027",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1304.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1304", "ID": "CVE-2019-1304",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1491.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1491", "ID": "CVE-2019-1491",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1701.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1701", "ID": "CVE-2019-1701",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1822.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1822", "ID": "CVE-2019-1822",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4065.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4065", "ID": "CVE-2019-4065",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4387.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4387", "ID": "CVE-2019-4387",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4698.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4698", "ID": "CVE-2019-4698",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4716.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4716", "ID": "CVE-2019-4716",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5029.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5029", "ID": "CVE-2019-5029",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5349.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5349", "ID": "CVE-2019-5349",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5400.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5400", "ID": "CVE-2019-5400",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5432.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5432", "ID": "CVE-2019-5432",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

122
2019/8xxx/CVE-2019-8266.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vulnerability@kaspersky.com", "ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC" : "2019-03-01T00:00:00", "DATE_PUBLIC": "2019-03-01T00:00:00",
"ID" : "CVE-2019-8266", "ID": "CVE-2019-8266",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "UltraVNC", "product_name": "UltraVNC",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.2.2.3" "version_value": "1.2.2.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Kaspersky Lab" "vendor_name": "Kaspersky Lab"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-788: Access of Memory Location After End of Buffer"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/" "lang": "eng",
} "value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/"
}
]
}
}

160
2019/8xxx/CVE-2019-8942.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8942", "ID": "CVE-2019-8942",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "46511", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/46511/" "lang": "eng",
}, "value": "WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif metadata. Exploitation can leverage CVE-2019-8943."
{ }
"name" : "https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/", ]
"refsource" : "MISC", },
"url" : "https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://wpvulndb.com/vulnerabilities/9222", "description": [
"refsource" : "MISC", {
"url" : "https://wpvulndb.com/vulnerabilities/9222" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-4401", ]
"refsource" : "DEBIAN", }
"url" : "https://www.debian.org/security/2019/dsa-4401" ]
}, },
{ "references": {
"name" : "107088", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/107088" "name": "https://wpvulndb.com/vulnerabilities/9222",
} "refsource": "MISC",
] "url": "https://wpvulndb.com/vulnerabilities/9222"
} },
} {
"name": "46511",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46511/"
},
{
"name": "107088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107088"
},
{
"name": "https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/",
"refsource": "MISC",
"url": "https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/"
},
{
"name": "DSA-4401",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4401"
}
]
}
}

34
2019/9xxx/CVE-2019-9286.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9286", "ID": "CVE-2019-9286",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9466.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9466", "ID": "CVE-2019-9466",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9520.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9520", "ID": "CVE-2019-9520",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/9xxx/CVE-2019-9712.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9712", "ID": "CVE-2019-9712",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Joomla! before 3.9.4. The JSON handler in com_config lacks input validation, leading to XSS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://developer.joomla.org/security-centre/772-20190301-core-xss-in-com-config-json-handler", "description_data": [
"refsource" : "MISC", {
"url" : "https://developer.joomla.org/security-centre/772-20190301-core-xss-in-com-config-json-handler" "lang": "eng",
}, "value": "An issue was discovered in Joomla! before 3.9.4. The JSON handler in com_config lacks input validation, leading to XSS."
{ }
"name" : "107374", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107374" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://developer.joomla.org/security-centre/772-20190301-core-xss-in-com-config-json-handler",
"refsource": "MISC",
"url": "https://developer.joomla.org/security-centre/772-20190301-core-xss-in-com-config-json-handler"
},
{
"name": "107374",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107374"
}
]
}
}