admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 03:47:16 +00:00
parent 3bb3522626
commit 84e299bb49
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
70 changed files with 3915 additions and 3915 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
2007/0xxx/CVE-2007-0371.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0371", "ID": "CVE-2007-0371",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP_BDc.SelectedFolder property value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3155", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3155" "lang": "eng",
}, "value": "A certain ActiveX control in the Common Controls Replacement Project (CCRP) CCRP BrowseDialog Server (ccrpbds6.dll) allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long CCRP_BDc.SelectedFolder property value."
{ }
"name" : "22110", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22110" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "34647", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34647" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "22110",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22110"
},
{
"name": "3155",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3155"
},
{
"name": "34647",
"refsource": "OSVDB",
"url": "http://osvdb.org/34647"
}
]
}
} }

178
2007/0xxx/CVE-2007-0407.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0407", "ID": "CVE-2007-0407",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain Black WebGUI before 7.3.5 (beta) allows remote attackers to inject arbitrary web script or HTML via the username parameter during anonymous registration, a different vector than CVE-2007-0308. NOTE: it is possible that a separate \"WikiPage titles\" issue was also fixed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.plainblack.com/bugs/tracker/security-update-cross-site-scripting-vulnerability", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.plainblack.com/bugs/tracker/security-update-cross-site-scripting-vulnerability" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Operation/User.pm in Plain Black WebGUI before 7.3.5 (beta) allows remote attackers to inject arbitrary web script or HTML via the username parameter during anonymous registration, a different vector than CVE-2007-0308. NOTE: it is possible that a separate \"WikiPage titles\" issue was also fixed."
{ }
"name" : "http://www.plainblack.com/downloads/builds/7.3.5-beta/WebGUI/docs/changelog/7.x.x.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://www.plainblack.com/downloads/builds/7.3.5-beta/WebGUI/docs/changelog/7.x.x.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22114", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22114" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0242", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0242" ]
}, },
{ "references": {
"name" : "32928", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32928" "name": "32928",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32928"
"name" : "23754", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23754" "name": "22114",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22114"
"name" : "webgui-username-xss(31573)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31573" "name": "ADV-2007-0242",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/0242"
} },
{
"name": "webgui-username-xss(31573)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31573"
},
{
"name": "http://www.plainblack.com/downloads/builds/7.3.5-beta/WebGUI/docs/changelog/7.x.x.txt",
"refsource": "CONFIRM",
"url": "http://www.plainblack.com/downloads/builds/7.3.5-beta/WebGUI/docs/changelog/7.x.x.txt"
},
{
"name": "23754",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23754"
},
{
"name": "http://www.plainblack.com/bugs/tracker/security-update-cross-site-scripting-vulnerability",
"refsource": "CONFIRM",
"url": "http://www.plainblack.com/bugs/tracker/security-update-cross-site-scripting-vulnerability"
}
]
}
} }

168
2007/0xxx/CVE-2007-0575.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0575", "ID": "CVE-2007-0575",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070127 AdMentor (banners) admin SQL injection", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458303/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in the administrative login page (admin/login.asp) in ASPCode.net AdMentor allow remote attackers to execute arbitrary SQL commands via the (1) Userid and (2) Password fields."
{ }
"name" : "20070220 AdMentor Script Remote SQL injection Exploit", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/460632/100/100/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2606", "description": [
"refsource" : "MISC", {
"url" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2606" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22281", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/22281" ]
}, },
{ "references": {
"name" : "2207", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2207" "name": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2606",
}, "refsource": "MISC",
{ "url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2606"
"name" : "admentor-adminlogin-sql-injection(31908)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31908" "name": "20070220 AdMentor Script Remote SQL injection Exploit",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/460632/100/100/threaded"
} },
{
"name": "2207",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2207"
},
{
"name": "admentor-adminlogin-sql-injection(31908)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31908"
},
{
"name": "20070127 AdMentor (banners) admin SQL injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458303/100/0/threaded"
},
{
"name": "22281",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22281"
}
]
}
} }

118
2007/0xxx/CVE-2007-0663.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0663", "ID": "CVE-2007-0663",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter, a different vector than CVE-2007-0631. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "ADV-2007-0424", "description_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0424" "lang": "eng",
} "value": "SQL injection vulnerability in index.php in Eclectic Designs CascadianFAQ 4.1 and earlier allows remote attackers to execute arbitrary SQL commands via the qid parameter, a different vector than CVE-2007-0631. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0424",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0424"
}
]
}
} }

188
2007/0xxx/CVE-2007-0732.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0732", "ID": "CVE-2007-0732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving \"obtaining a send right to [the] Mach task port.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=305391", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305391" "lang": "eng",
}, "value": "Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving \"obtaining a send right to [the] Mach task port.\""
{ }
"name" : "APPLE-SA-2007-04-19", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-109A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23569", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23569" ]
}, },
{ "references": {
"name" : "ADV-2007-1470", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1470" "name": "24966",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24966"
"name" : "34859", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/34859" "name": "http://docs.info.apple.com/article.html?artnum=305391",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305391"
"name" : "1017942", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1017942" "name": "23569",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23569"
"name" : "24966", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24966" "name": "34859",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/34859"
} },
{
"name": "1017942",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017942"
},
{
"name": "TA07-109A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html"
},
{
"name": "APPLE-SA-2007-04-19",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html"
},
{
"name": "ADV-2007-1470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1470"
}
]
}
} }

188
2007/0xxx/CVE-2007-0986.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0986", "ID": "CVE-2007-0986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5, when PHP 5.0.0 or later is used, allows remote attackers to execute arbitrary PHP code via an ftp URL in the n parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070214 Jupiter CMS 1.1.5 Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/460076/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5, when PHP 5.0.0 or later is used, allows remote attackers to execute arbitrary PHP code via an ftp URL in the n parameter."
{ }
"name" : "20070214 Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/460100/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://mgsdl.free.fr/advisories/12070214.txt", "description": [
"refsource" : "MISC", {
"url" : "http://mgsdl.free.fr/advisories/12070214.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.acid-root.new.fr/advisories/12070214.txt", ]
"refsource" : "MISC", }
"url" : "http://www.acid-root.new.fr/advisories/12070214.txt" ]
}, },
{ "references": {
"name" : "3309", "reference_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3309" "name": "http://mgsdl.free.fr/advisories/12070214.txt",
}, "refsource": "MISC",
{ "url": "http://mgsdl.free.fr/advisories/12070214.txt"
"name" : "22560", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22560" "name": "22560",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22560"
"name" : "33730", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33730" "name": "jupitercm-index-n-file-include(32519)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32519"
"name" : "jupitercm-index-n-file-include(32519)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32519" "name": "20070214 Jupiter CMS 1.1.5 Multiple Vulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/460076/100/0/threaded"
} },
{
"name": "20070214 Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460100/100/0/threaded"
},
{
"name": "http://www.acid-root.new.fr/advisories/12070214.txt",
"refsource": "MISC",
"url": "http://www.acid-root.new.fr/advisories/12070214.txt"
},
{
"name": "33730",
"refsource": "OSVDB",
"url": "http://osvdb.org/33730"
},
{
"name": "3309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3309"
}
]
}
} }

168
2007/1xxx/CVE-2007-1087.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1087", "ID": "CVE-2007-1087",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070222 IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481" "lang": "eng",
}, "value": "IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow."
{ }
"name" : "IY94833", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21255747" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070818 Recent DB2 Vulnerabilities", "description": [
"refsource" : "VIM", {
"url" : "http://www.attrition.org/pipermail/vim/2007-August/001765.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22677", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/22677" ]
}, },
{ "references": {
"name" : "40970", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/40970" "name": "40970",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/40970"
"name" : "db2-bss-bo(32651)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32651" "name": "20070818 Recent DB2 Vulnerabilities",
} "refsource": "VIM",
] "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
} },
{
"name": "IY94833",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255747"
},
{
"name": "db2-bss-bo(32651)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32651"
},
{
"name": "20070222 IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481"
},
{
"name": "22677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22677"
}
]
}
} }

158
2007/1xxx/CVE-2007-1373.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1373", "ID": "CVE-2007-1373",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070306 Mercury/32 4.01b", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052802.html" "lang": "eng",
}, "value": "Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961."
{ }
"name" : "33883", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/33883" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24367", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24367" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2398", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2398" ]
}, },
{ "references": {
"name" : "mercury-imap-bo(32848)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32848" "name": "33883",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33883"
} },
{
"name": "20070306 Mercury/32 4.01b",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052802.html"
},
{
"name": "2398",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2398"
},
{
"name": "mercury-imap-bo(32848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32848"
},
{
"name": "24367",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24367"
}
]
}
} }

148
2007/1xxx/CVE-2007-1432.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1432", "ID": "CVE-2007-1432",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php, and unspecified parameters to (2) addblog.php, (3) editblog.php, (4) editlinks.php, (5) edit_users.php, and (6) add_links.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070310 Grayscale <= 0.8.0 Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/462441/100/0/threaded" "lang": "eng",
}, "value": "Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php, and unspecified parameters to (2) addblog.php, (3) editblog.php, (4) editlinks.php, (5) edit_users.php, and (6) add_links.php."
{ }
"name" : "22911", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22911" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0916", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0916" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2417", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2417" ]
} },
] "references": {
} "reference_data": [
{
"name": "ADV-2007-0916",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0916"
},
{
"name": "2417",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2417"
},
{
"name": "20070310 Grayscale <= 0.8.0 Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462441/100/0/threaded"
},
{
"name": "22911",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22911"
}
]
}
} }

188
2007/1xxx/CVE-2007-1655.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1655", "ID": "CVE-2007-1655",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/tinymux/issues/detail?id=282&can=2&q=", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/tinymux/issues/detail?id=282&can=2&q=" "lang": "eng",
}, "value": "Buffer overflow in the fun_ladd function in funmath.cpp in TinyMUX before 20070126 might allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors related to lists of numbers."
{ }
"name" : "http://www.tinymux.org/changes.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://www.tinymux.org/changes.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1317", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1317" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23292", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23292" ]
}, },
{ "references": {
"name" : "ADV-2007-1213", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1213" "name": "34686",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/34686"
"name" : "34686", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34686" "name": "ADV-2007-1213",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1213"
"name" : "24733", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24733" "name": "25784",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25784"
"name" : "25784", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25784" "name": "http://code.google.com/p/tinymux/issues/detail?id=282&can=2&q=",
} "refsource": "CONFIRM",
] "url": "http://code.google.com/p/tinymux/issues/detail?id=282&can=2&q="
} },
{
"name": "24733",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24733"
},
{
"name": "DSA-1317",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1317"
},
{
"name": "23292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23292"
},
{
"name": "http://www.tinymux.org/changes.txt",
"refsource": "CONFIRM",
"url": "http://www.tinymux.org/changes.txt"
}
]
}
} }

148
2007/1xxx/CVE-2007-1956.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1956", "ID": "CVE-2007-1956",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070408 UBB.threads (<= 6.1.1) SQL Injection Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/465076/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in ubbthreads.php in Groupee UBB.threads 6.1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the C parameter."
{ }
"name" : "23369", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23369" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2545", "description": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2545" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ubbthreads-ubbthreads-sql-injection(33509)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33509" ]
} },
] "references": {
} "reference_data": [
{
"name": "ubbthreads-ubbthreads-sql-injection(33509)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33509"
},
{
"name": "2545",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2545"
},
{
"name": "20070408 UBB.threads (<= 6.1.1) SQL Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/465076/100/0/threaded"
},
{
"name": "23369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23369"
}
]
}
} }

138
2007/4xxx/CVE-2007-4309.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4309", "ID": "CVE-2007-4309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.heise-security.co.uk/news/92958", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.heise-security.co.uk/news/92958" "lang": "eng",
}, "value": "IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696."
{ }
"name" : "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085", ]
"refsource" : "CONFIRM", },
"url" : "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1018433", "description": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018433" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1018433",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018433"
},
{
"name": "http://www.heise-security.co.uk/news/92958",
"refsource": "MISC",
"url": "http://www.heise-security.co.uk/news/92958"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085"
}
]
}
} }

218
2007/4xxx/CVE-2007-4326.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4326", "ID": "CVE-2007-4326",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070809 Bilder Uploader 1.3 Remote Command Execution Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/475954/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in Bilder Uploader 1.3 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) gruppen.php, (2) bild.php, (3) feed.php, (4) mitglieder.php, (5) online.php, (6) profil.php, and possibly other unspecified PHP scripts."
{ }
"name" : "ADV-2007-2836", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/2836" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36443", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36443" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36444", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36444" ]
}, },
{ "references": {
"name" : "36445", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36445" "name": "2993",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2993"
"name" : "36446", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36446" "name": "36445",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36445"
"name" : "36447", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36447" "name": "ADV-2007-2836",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2836"
"name" : "36448", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36448" "name": "36444",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36444"
"name" : "26399", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26399" "name": "36446",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36446"
"name" : "2993", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2993" "name": "26399",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26399"
"name" : "bilder-mitglieder-file-include(35922)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35922" "name": "bilder-mitglieder-file-include(35922)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35922"
} },
{
"name": "36447",
"refsource": "OSVDB",
"url": "http://osvdb.org/36447"
},
{
"name": "20070809 Bilder Uploader 1.3 Remote Command Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/475954/100/0/threaded"
},
{
"name": "36448",
"refsource": "OSVDB",
"url": "http://osvdb.org/36448"
},
{
"name": "36443",
"refsource": "OSVDB",
"url": "http://osvdb.org/36443"
}
]
}
} }

168
2007/4xxx/CVE-2007-4402.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4402", "ID": "CVE-2007-4402",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/476283/100/0/threaded" "lang": "eng",
}, "value": "Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file."
{ }
"name" : "20070815 Re: Vulnerability in multiple \"now playing\" scripts for various IRC clients", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/476649/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://wouter.coekaerts.be/site/security/nowplaying", ]
"refsource" : "MISC", }
"url" : "http://wouter.coekaerts.be/site/security/nowplaying" ]
}, },
{ "references": {
"name" : "26491", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26491" "name": "3036",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3036"
"name" : "3036", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3036" "name": "20070815 Re: Vulnerability in multiple \"now playing\" scripts for various IRC clients",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/476649/100/0/threaded"
} },
{
"name": "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065227.html"
},
{
"name": "20070812 Vulnerability in multiple \"now playing\" scripts for various IRC clients",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/476283/100/0/threaded"
},
{
"name": "http://wouter.coekaerts.be/site/security/nowplaying",
"refsource": "MISC",
"url": "http://wouter.coekaerts.be/site/security/nowplaying"
},
{
"name": "26491",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26491"
}
]
}
} }

198
2015/2xxx/CVE-2015-2172.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2172", "ID": "CVE-2015-2172",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150301 Re: CVE request: DokuWiki privilege escalation in RPC API", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/03/02/2" "lang": "eng",
}, "value": "DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API."
{ }
"name" : "https://github.com/splitbrain/dokuwiki/commit/4970ad24ce49ec76a0ee67bca7594f918ced2f5f", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/splitbrain/dokuwiki/commit/4970ad24ce49ec76a0ee67bca7594f918ced2f5f" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/splitbrain/dokuwiki/issues/1056", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/splitbrain/dokuwiki/issues/1056" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.dokuwiki.org/changes", ]
"refsource" : "CONFIRM", }
"url" : "https://www.dokuwiki.org/changes" ]
}, },
{ "references": {
"name" : "http://advisories.mageia.org/MGASA-2015-0093.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://advisories.mageia.org/MGASA-2015-0093.html" "name": "https://github.com/splitbrain/dokuwiki/issues/1056",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/splitbrain/dokuwiki/issues/1056"
"name" : "FEDORA-2015-3079", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153266.html" "name": "FEDORA-2015-3079",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153266.html"
"name" : "FEDORA-2015-3186", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153062.html" "name": "https://github.com/splitbrain/dokuwiki/commit/4970ad24ce49ec76a0ee67bca7594f918ced2f5f",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/splitbrain/dokuwiki/commit/4970ad24ce49ec76a0ee67bca7594f918ced2f5f"
"name" : "FEDORA-2015-3211", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152994.html" "name": "https://www.dokuwiki.org/changes",
}, "refsource": "CONFIRM",
{ "url": "https://www.dokuwiki.org/changes"
"name" : "72827", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72827" "name": "72827",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/72827"
} },
{
"name": "FEDORA-2015-3186",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153062.html"
},
{
"name": "FEDORA-2015-3211",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152994.html"
},
{
"name": "[oss-security] 20150301 Re: CVE request: DokuWiki privilege escalation in RPC API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/02/2"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0093.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0093.html"
}
]
}
} }

32
2015/2xxx/CVE-2015-2303.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-2303", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-2303",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6406. Reason: This candidate is a reservation duplicate of CVE-2014-6406. Notes: All CVE users should reference CVE-2014-6406 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6406. Reason: This candidate is a reservation duplicate of CVE-2014-6406. Notes: All CVE users should reference CVE-2014-6406 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

128
2015/2xxx/CVE-2015-2329.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2329", "ID": "CVE-2015-2329",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted order."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://fortiguard.com/zeroday/FG-VD-15-020", "description_data": [
"refsource" : "MISC", {
"url" : "https://fortiguard.com/zeroday/FG-VD-15-020" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the WooCommerce plugin before 2.3.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted order."
{ }
"name" : "https://raw.githubusercontent.com/woocommerce/woocommerce/master/CHANGELOG.txt", ]
"refsource" : "CONFIRM", },
"url" : "https://raw.githubusercontent.com/woocommerce/woocommerce/master/CHANGELOG.txt" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://raw.githubusercontent.com/woocommerce/woocommerce/master/CHANGELOG.txt",
"refsource": "CONFIRM",
"url": "https://raw.githubusercontent.com/woocommerce/woocommerce/master/CHANGELOG.txt"
},
{
"name": "https://fortiguard.com/zeroday/FG-VD-15-020",
"refsource": "MISC",
"url": "https://fortiguard.com/zeroday/FG-VD-15-020"
}
]
}
} }

168
2015/3xxx/CVE-2015-3776.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3776", "ID": "CVE-2015-3776",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist."
{ }
"name" : "https://support.apple.com/kb/HT205031", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-08-13-2", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" ]
}, },
{ "references": {
"name" : "76343", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76343" "name": "https://support.apple.com/kb/HT205030",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205030"
"name" : "1033275", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033275" "name": "1033275",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1033275"
} },
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "APPLE-SA-2015-08-13-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "76343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76343"
}
]
}
} }

168
2015/3xxx/CVE-2015-3805.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3805", "ID": "CVE-2015-3805",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205030", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205030" "lang": "eng",
}, "value": "Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3802."
{ }
"name" : "https://support.apple.com/kb/HT205031", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/kb/HT205031" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-08-13-2", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-13-3", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" ]
}, },
{ "references": {
"name" : "76343", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76343" "name": "https://support.apple.com/kb/HT205030",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/kb/HT205030"
"name" : "1033275", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033275" "name": "1033275",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1033275"
} },
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "APPLE-SA-2015-08-13-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "76343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76343"
}
]
}
} }

138
2015/6xxx/CVE-2015-6405.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6405", "ID": "CVE-2015-6405",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv26501."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151210 Cisco Emergency Responder Service Web Framework Cross-Site Request Forgery Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-cers" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv26501."
{ }
"name" : "78812", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/78812" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034385", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034385" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20151210 Cisco Emergency Responder Service Web Framework Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-cers"
},
{
"name": "78812",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78812"
},
{
"name": "1034385",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034385"
}
]
}
} }

32
2015/6xxx/CVE-2015-6438.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6438", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6438",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

138
2015/6xxx/CVE-2015-6704.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-6704", "ID": "CVE-2015-6704",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6703."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-482", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-482" "lang": "eng",
}, "value": "The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via a function call, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6700, CVE-2015-6701, CVE-2015-6702, and CVE-2015-6703."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033796", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033796" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-482",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-482"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
},
{
"name": "1033796",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033796"
}
]
}
} }

32
2015/6xxx/CVE-2015-6739.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6739", "ID": "CVE-2015-6739",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2015/6xxx/CVE-2015-6861.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6861", "ID": "CVE-2015-6861",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated users to bypass an intended AssumeRole permission requirement and assume an IAM role by leveraging a policy setting for a user's account."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926482", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926482" "lang": "eng",
}, "value": "HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated users to bypass an intended AssumeRole permission requirement and assume an IAM role by leveraging a policy setting for a user's account."
{ }
"name" : "79650", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/79650" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926482",
"refsource": "CONFIRM",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926482"
},
{
"name": "79650",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79650"
}
]
}
} }

168
2015/7xxx/CVE-2015-7191.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-7191", "ID": "CVE-2015-7191",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka \"Universal XSS (UXSS).\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-125.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-125.html" "lang": "eng",
}, "value": "Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting (XSS) attacks via vectors involving an intent: URL and fallback navigation, aka \"Universal XSS (UXSS).\""
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208956", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1208956" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201512-10", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201512-10" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1942", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" "name": "1034069",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034069"
"name" : "1034069", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034069" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208956",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1208956"
} },
{
"name": "GLSA-201512-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201512-10"
},
{
"name": "http://www.mozilla.org/security/announce/2015/mfsa2015-125.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-125.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
},
{
"name": "openSUSE-SU-2015:1942",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html"
}
]
}
} }

138
2015/7xxx/CVE-2015-7407.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-7407", "ID": "CVE-2015-7407",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970299", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21970299" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences."
{ }
"name" : "IT12268", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12268" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "78455", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/78455" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "IT12268",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12268"
},
{
"name": "78455",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78455"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21970299",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21970299"
}
]
}
} }

32
2015/7xxx/CVE-2015-7690.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7690", "ID": "CVE-2015-7690",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

168
2015/7xxx/CVE-2015-7986.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7986", "ID": "CVE-2015-7986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The index server (hdbindexserver) in SAP HANA 1.00.095 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTTP request, aka SAP Security Note 2197428."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160127 [ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537376/100/0/threaded" "lang": "eng",
}, "value": "The index server (hdbindexserver) in SAP HANA 1.00.095 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTTP request, aka SAP Security Note 2197428."
{ }
"name" : "39382", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/39382/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20160127 [ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption", "description": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Jan/94" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://erpscan.io/advisories/erpscan-15-024-sap-hana-hdbindexserver-memory-corruption/", ]
"refsource" : "MISC", }
"url" : "https://erpscan.io/advisories/erpscan-15-024-sap-hana-hdbindexserver-memory-corruption/" ]
}, },
{ "references": {
"name" : "http://scn.sap.com/community/security/blog/2015/10/14/sap-security-notes-october-2015--review", "reference_data": [
"refsource" : "MISC", {
"url" : "http://scn.sap.com/community/security/blog/2015/10/14/sap-security-notes-october-2015--review" "name": "http://scn.sap.com/community/security/blog/2015/10/14/sap-security-notes-october-2015--review",
}, "refsource": "MISC",
{ "url": "http://scn.sap.com/community/security/blog/2015/10/14/sap-security-notes-october-2015--review"
"name" : "http://packetstormsecurity.com/files/135416/SAP-HANA-hdbindexserver-Memory-Corruption.html", },
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/135416/SAP-HANA-hdbindexserver-Memory-Corruption.html" "name": "39382",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/39382/"
} },
{
"name": "http://packetstormsecurity.com/files/135416/SAP-HANA-hdbindexserver-Memory-Corruption.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135416/SAP-HANA-hdbindexserver-Memory-Corruption.html"
},
{
"name": "20160127 [ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537376/100/0/threaded"
},
{
"name": "https://erpscan.io/advisories/erpscan-15-024-sap-hana-hdbindexserver-memory-corruption/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-15-024-sap-hana-hdbindexserver-memory-corruption/"
},
{
"name": "20160127 [ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Jan/94"
}
]
}
} }

128
2016/0xxx/CVE-2016-0033.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0033", "ID": "CVE-2016-0033",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service (performance degradation) via crafted XSLT data, aka \".NET Framework Stack Overflow Denial of Service Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-019", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-019" "lang": "eng",
}, "value": "Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 does not prevent recursive compilation of XSLT transforms, which allows remote attackers to cause a denial of service (performance degradation) via crafted XSLT data, aka \".NET Framework Stack Overflow Denial of Service Vulnerability.\""
{ }
"name" : "1034983", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034983" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS16-019",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-019"
},
{
"name": "1034983",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034983"
}
]
}
} }

32
2016/0xxx/CVE-2016-0163.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-0163", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-0163",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

118
2016/0xxx/CVE-2016-0268.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0268", "ID": "CVE-2016-0268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 110915."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977245", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977245" "lang": "eng",
} "value": "XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 110915."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21977245",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977245"
}
]
}
} }

168
2016/0xxx/CVE-2016-0605.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0605", "ID": "CVE-2016-0605",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors."
{ }
"name" : "RHSA-2016:0705", ]
"refsource" : "REDHAT", },
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "openSUSE-SU-2016:0367", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2016:0377", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" ]
}, },
{ "references": {
"name" : "81253", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/81253" "name": "openSUSE-SU-2016:0367",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html"
"name" : "1034708", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034708" "name": "1034708",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1034708"
} },
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "81253",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81253"
},
{
"name": "openSUSE-SU-2016:0377",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html"
},
{
"name": "RHSA-2016:0705",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
}
]
}
} }

168
2016/0xxx/CVE-2016-0779.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-0779", "ID": "CVE-2016-0779",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160315 [ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537806/100/0/threaded" "lang": "eng",
}, "value": "The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object."
{ }
"name" : "[tomee-dev] 20160404 Document resolved vulnerability CVE-2015-8581", ]
"refsource" : "MLIST", },
"url" : "http://tomee-openejb.979440.n4.nabble.com/Document-resolved-vulnerability-CVE-2015-8581-td4678073.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/136256/Apache-TomEE-Patched.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/136256/Apache-TomEE-Patched.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-638", ]
"refsource" : "MISC", }
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-638" ]
}, },
{ "references": {
"name" : "http://tomee.apache.org/security/tomee.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://tomee.apache.org/security/tomee.html" "name": "79204",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/79204"
"name" : "79204", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79204" "name": "http://packetstormsecurity.com/files/136256/Apache-TomEE-Patched.html",
} "refsource": "MISC",
] "url": "http://packetstormsecurity.com/files/136256/Apache-TomEE-Patched.html"
} },
{
"name": "[tomee-dev] 20160404 Document resolved vulnerability CVE-2015-8581",
"refsource": "MLIST",
"url": "http://tomee-openejb.979440.n4.nabble.com/Document-resolved-vulnerability-CVE-2015-8581-td4678073.html"
},
{
"name": "20160315 [ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537806/100/0/threaded"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-638",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-638"
},
{
"name": "http://tomee.apache.org/security/tomee.html",
"refsource": "CONFIRM",
"url": "http://tomee.apache.org/security/tomee.html"
}
]
}
} }

228
2016/0xxx/CVE-2016-0787.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-0787", "ID": "CVE-2016-0787",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.libssh2.org/CVE-2016-0787.patch", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.libssh2.org/CVE-2016-0787.patch" "lang": "eng",
}, "value": "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\""
{ }
"name" : "https://www.libssh2.org/adv_20160223.html", ]
"refsource" : "CONFIRM", },
"url" : "https://www.libssh2.org/adv_20160223.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", "description": [
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10156" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" ]
}, },
{ "references": {
"name" : "https://bto.bluecoat.com/security-advisory/sa120", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa120" "name": "FEDORA-2016-215a2219b1",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html"
"name" : "https://puppet.com/security/cve/CVE-2016-0787", },
"refsource" : "CONFIRM", {
"url" : "https://puppet.com/security/cve/CVE-2016-0787" "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10156",
}, "refsource": "CONFIRM",
{ "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10156"
"name" : "DSA-3487", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3487" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"name" : "FEDORA-2016-215a2219b1", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html" "name": "https://www.libssh2.org/CVE-2016-0787.patch",
}, "refsource": "CONFIRM",
{ "url": "https://www.libssh2.org/CVE-2016-0787.patch"
"name" : "FEDORA-2016-7942ee2cc5", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html" "name": "https://www.libssh2.org/adv_20160223.html",
}, "refsource": "CONFIRM",
{ "url": "https://www.libssh2.org/adv_20160223.html"
"name" : "GLSA-201606-12", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-12" "name": "https://puppet.com/security/cve/CVE-2016-0787",
}, "refsource": "CONFIRM",
{ "url": "https://puppet.com/security/cve/CVE-2016-0787"
"name" : "openSUSE-SU-2016:0639", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html" "name": "FEDORA-2016-7942ee2cc5",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html"
"name" : "82514", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/82514" "name": "GLSA-201606-12",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201606-12"
} },
{
"name": "openSUSE-SU-2016:0639",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa120",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa120"
},
{
"name": "DSA-3487",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3487"
},
{
"name": "82514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/82514"
}
]
}
} }

138
2016/1000xxx/CVE-2016-1000154.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000154", "ID": "CVE-2016-1000154",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Reflected XSS in wordpress plugin whizz v1.0.7"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=112", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=112" "lang": "eng",
}, "value": "Reflected XSS in wordpress plugin whizz v1.0.7"
{ }
"name" : "https://wordpress.org/plugins/whizz", ]
"refsource" : "MISC", },
"url" : "https://wordpress.org/plugins/whizz" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93538", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93538" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vapidlabs.com/wp/wp_advisory.php?v=112",
"refsource": "MISC",
"url": "http://www.vapidlabs.com/wp/wp_advisory.php?v=112"
},
{
"name": "https://wordpress.org/plugins/whizz",
"refsource": "MISC",
"url": "https://wordpress.org/plugins/whizz"
},
{
"name": "93538",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93538"
}
]
}
} }

148
2016/1xxx/CVE-2016-1045.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-1045", "ID": "CVE-2016-1045",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-293", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-293" "lang": "eng",
}, "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107."
{ }
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", ]
"refsource" : "CONFIRM", },
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "90512", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90512" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1035828", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1035828" ]
} },
] "references": {
} "reference_data": [
{
"name": "90512",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90512"
},
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-16-293",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-16-293"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
} }

128
2016/1xxx/CVE-2016-1347.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1347", "ID": "CVE-2016-1347",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160323 Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f" "lang": "eng",
}, "value": "The Wide Area Application Services (WAAS) Express implementation in Cisco IOS 15.1 through 15.5 allows remote attackers to cause a denial of service (device reload) via a crafted TCP segment, aka Bug ID CSCuq59708."
{ }
"name" : "1035380", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1035380" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20160323 Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160323-l4f"
},
{
"name": "1035380",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035380"
}
]
}
} }

128
2016/1xxx/CVE-2016-1860.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1860", "ID": "CVE-2016-1860",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT206567", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206567" "lang": "eng",
}, "value": "Intel Graphics Driver in Apple OS X before 10.11.5 allows attackers to obtain sensitive kernel memory-layout information via a crafted app, a different vulnerability than CVE-2016-1862."
{ }
"name" : "APPLE-SA-2016-05-16-4", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT206567",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206567"
},
{
"name": "APPLE-SA-2016-05-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html"
}
]
}
} }

218
2016/1xxx/CVE-2016-1863.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-1863", "ID": "CVE-2016-1863",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40652", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40652/" "lang": "eng",
}, "value": "The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653."
{ }
"name" : "https://support.apple.com/HT206902", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT206902" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT206903", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206903" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT206904", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT206904" ]
}, },
{ "references": {
"name" : "https://support.apple.com/HT206905", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206905" "name": "1036344",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036344"
"name" : "APPLE-SA-2016-07-18-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" "name": "40652",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/40652/"
"name" : "APPLE-SA-2016-07-18-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" "name": "APPLE-SA-2016-07-18-4",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html"
"name" : "APPLE-SA-2016-07-18-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" "name": "APPLE-SA-2016-07-18-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html"
"name" : "APPLE-SA-2016-07-18-4", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" "name": "APPLE-SA-2016-07-18-2",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html"
"name" : "91828", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91828" "name": "91828",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/91828"
"name" : "1036344", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036344" "name": "APPLE-SA-2016-07-18-1",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
} },
{
"name": "https://support.apple.com/HT206905",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206905"
},
{
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206903"
},
{
"name": "https://support.apple.com/HT206902",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206902"
},
{
"name": "https://support.apple.com/HT206904",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206904"
}
]
}
} }

148
2016/1xxx/CVE-2016-1928.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1928", "ID": "CVE-2016-1928",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160427 Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON - DoS vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/538212/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978."
{ }
"name" : "20160420 [ERPSCAN-16-005] SAP HANA hdbxsengine JSON - DoS vulnerability", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2016/Apr/65" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://erpscan.io/advisories/erpscan-16-005-sap-hana-hdbxsengine-json-dos/", "description": [
"refsource" : "MISC", {
"url" : "https://erpscan.io/advisories/erpscan-16-005-sap-hana-hdbxsengine-json-dos/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/", ]
"refsource" : "MISC", }
"url" : "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/" ]
} },
] "references": {
} "reference_data": [
{
"name": "https://erpscan.io/advisories/erpscan-16-005-sap-hana-hdbxsengine-json-dos/",
"refsource": "MISC",
"url": "https://erpscan.io/advisories/erpscan-16-005-sap-hana-hdbxsengine-json-dos/"
},
{
"name": "20160420 [ERPSCAN-16-005] SAP HANA hdbxsengine JSON - DoS vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/65"
},
{
"name": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/",
"refsource": "MISC",
"url": "https://erpscan.io/press-center/blog/sap-security-notes-january-2016-review/"
},
{
"name": "20160427 Re: [ERPSCAN-16-005] SAP HANA hdbxsengine JSON - DoS vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/538212/100/0/threaded"
}
]
}
} }

148
2016/4xxx/CVE-2016-4076.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4076", "ID": "CVE-2016-4076",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2016-19.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2016-19.html" "lang": "eng",
}, "value": "epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11591", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11591" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ea8e6955fcff21333c203bc00f69d5025761459b", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ea8e6955fcff21333c203bc00f69d5025761459b" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1035685", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1035685" ]
} },
] "references": {
} "reference_data": [
{
"name": "1035685",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035685"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11591",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11591"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2016-19.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2016-19.html"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ea8e6955fcff21333c203bc00f69d5025761459b",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=ea8e6955fcff21333c203bc00f69d5025761459b"
}
]
}
} }

178
2016/4xxx/CVE-2016-4243.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4243", "ID": "CVE-2016-4243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246."
{ }
"name" : "GLSA-201607-03", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201607-03" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1423", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1423" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2016:1826", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:1802", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" "name": "SUSE-SU-2016:1826",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
"name" : "91725", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91725" "name": "GLSA-201607-03",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201607-03"
"name" : "1036280", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036280" "name": "openSUSE-SU-2016:1802",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
} },
{
"name": "91725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91725"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
},
{
"name": "RHSA-2016:1423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1423"
},
{
"name": "1036280",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036280"
}
]
}
} }

32
2016/4xxx/CVE-2016-4744.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-4744", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-4744",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

138
2016/4xxx/CVE-2016-4821.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4821", "ID": "CVE-2016-4821",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.iodata.jp/support/information/2016/etx-r/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.iodata.jp/support/information/2016/etx-r/" "lang": "eng",
}, "value": "I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors."
{ }
"name" : "JVN#96052093", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN96052093/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000101", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000101" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000101",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000101"
},
{
"name": "JVN#96052093",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN96052093/index.html"
},
{
"name": "http://www.iodata.jp/support/information/2016/etx-r/",
"refsource": "CONFIRM",
"url": "http://www.iodata.jp/support/information/2016/etx-r/"
}
]
}
} }

128
2016/4xxx/CVE-2016-4946.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4946", "ID": "CVE-2016-4946",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Cloudera HUE 3.9.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) First name or (2) Last name field in the HUE Users page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf", "description_data": [
"refsource" : "MISC", {
"url" : "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Cloudera HUE 3.9.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) First name or (2) Last name field in the HUE Users page."
{ }
"name" : "93881", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93881" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93881",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93881"
},
{
"name": "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf",
"refsource": "MISC",
"url": "http://2016.hack.lu/archive/2016/Wavestone%20-%20Hack.lu%202016%20-%20Hadoop%20safari%20-%20Hunting%20for%20vulnerabilities%20-%20v1.0.pdf"
}
]
}
} }

118
2016/4xxx/CVE-2016-4988.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-4988", "ID": "CVE-2016-4988",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-06-20"
}
]
}
} }

310
2019/0xxx/CVE-2019-0003.json
View File

@ -1,158 +1,158 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC" : "2019-01-09T17:00:00.000Z", "DATE_PUBLIC": "2019-01-09T17:00:00.000Z",
"ID" : "CVE-2019-0003", "ID": "CVE-2019-0003",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "Junos OS: A flowspec BGP update with a specific term-order causes routing protocol daemon (rpd) process to crash with a core." "TITLE": "Junos OS: A flowspec BGP update with a specific term-order causes routing protocol daemon (rpd) process to crash with a core."
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Junos OS", "product_name": "Junos OS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"affected" : "<", "affected": "<",
"platform" : "SRX Series", "platform": "SRX Series",
"version_name" : "12.1X46", "version_name": "12.1X46",
"version_value" : "12.1X46-D77" "version_value": "12.1X46-D77"
}, },
{ {
"affected" : "<", "affected": "<",
"version_name" : "12.3", "version_name": "12.3",
"version_value" : "12.3R12-S10" "version_value": "12.3R12-S10"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "SRX Series", "platform": "SRX Series",
"version_name" : "12.3X48", "version_name": "12.3X48",
"version_value" : "12.3X48-D70" "version_value": "12.3X48-D70"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100", "platform": "EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100",
"version_name" : "14.1X53", "version_name": "14.1X53",
"version_value" : "14.1X53-D47" "version_value": "14.1X53-D47"
}, },
{ {
"affected" : "<", "affected": "<",
"version_name" : "15.1", "version_name": "15.1",
"version_value" : "15.1R3" "version_value": "15.1R3"
}, },
{ {
"affected" : "<", "affected": "<",
"version_name" : "15.1F", "version_name": "15.1F",
"version_value" : "15.1F3" "version_value": "15.1F3"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "SRX Series", "platform": "SRX Series",
"version_name" : "15.1X49", "version_name": "15.1X49",
"version_value" : "15.1X49-D140" "version_value": "15.1X49-D140"
}, },
{ {
"affected" : "<", "affected": "<",
"platform" : "EX2300/EX3400", "platform": "EX2300/EX3400",
"version_name" : "15.1X53", "version_name": "15.1X53",
"version_value" : "15.1X53-D59" "version_value": "15.1X53-D59"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Juniper Networks" "vendor_name": "Juniper Networks"
} }
]
}
},
"configuration" : [
{
"lang" : "eng",
"value" : "The following maximal parent* configuration is required:\n set protocols bgp group [FLOWSPEC]\nand\n set policy-options policy-statement\n set routing-options flow term-order\n\nSpecific child* relationship configuration details vary by implementation which may introduce this vulnerability.\n\n*\"parent\" and \"child\" as in a parent-child tree structure relationship within the CLI.\n"
}
],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1 versions prior to 15.1R3; 15.1F versions prior to 15.1F3; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400."
}
]
},
"exploit" : [
{
"lang" : "eng",
"value" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"privilegesRequired" : "NONE",
"scope" : "UNCHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incomplete assertion \nCWE-617: Reachable Assertion\nDenial of Service\n\nCAPEC:\n.262 Manipulate System Resources\n.262.607 Obstruction\n.262.607.582 Route Disabling\n.262.607.582.584 BGP Route Disabling \n"
}
] ]
} }
] },
}, "configuration": [
"references" : { {
"reference_data" : [ "lang": "eng",
{ "value": "The following maximal parent* configuration is required:\n set protocols bgp group [FLOWSPEC]\nand\n set policy-options policy-statement\n set routing-options flow term-order\n\nSpecific child* relationship configuration details vary by implementation which may introduce this vulnerability.\n\n*\"parent\" and \"child\" as in a parent-child tree structure relationship within the CLI.\n"
"name" : "https://kb.juniper.net/JSA10902", }
"refsource" : "CONFIRM", ],
"url" : "https://kb.juniper.net/JSA10902" "data_format": "MITRE",
}, "data_type": "CVE",
{ "data_version": "4.0",
"name" : "106544", "description": {
"refsource" : "BID", "description_data": [
"url" : "http://www.securityfocus.com/bid/106544" {
} "lang": "eng",
] "value": "When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D77 on SRX Series; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 15.1 versions prior to 15.1R3; 15.1F versions prior to 15.1F3; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400."
}, }
"solution" : [ ]
{ },
"lang" : "eng", "exploit": [
"value" : "The following software releases have been updated to resolve this specific issue: 12.1X46-D77, 12.3R12-S10, 12.3X48-D70, 14.1X53-D47, 15.1F3, 15.1R3, 15.1X49-D140, 15.1X53-D59, 16.1R1 and all subsequent releases.\n" {
} "lang": "eng",
], "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
"source" : { }
"advisory" : "JSA10902", ],
"defect" : [ "impact": {
"1116761" "cvss": {
], "attackComplexity": "LOW",
"discovery" : "USER" "attackVector": "NETWORK",
}, "availabilityImpact": "HIGH",
"work_around" : [ "baseScore": 7.5,
{ "baseSeverity": "HIGH",
"lang" : "eng", "confidentialityImpact": "NONE",
"value" : "Disable BGP flowspec.\nThere are no other available workarounds for this issue." "integrityImpact": "NONE",
} "privilegesRequired": "NONE",
] "scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incomplete assertion \nCWE-617: Reachable Assertion\nDenial of Service\n\nCAPEC:\n.262 Manipulate System Resources\n.262.607 Obstruction\n.262.607.582 Route Disabling\n.262.607.582.584 BGP Route Disabling \n"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10902",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10902"
},
{
"name": "106544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106544"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: 12.1X46-D77, 12.3R12-S10, 12.3X48-D70, 14.1X53-D47, 15.1F3, 15.1R3, 15.1X49-D140, 15.1X53-D59, 16.1R1 and all subsequent releases.\n"
}
],
"source": {
"advisory": "JSA10902",
"defect": [
"1116761"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Disable BGP flowspec.\nThere are no other available workarounds for this issue."
}
]
} }

32
2019/0xxx/CVE-2019-0690.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0690", "ID": "CVE-2019-0690",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3019.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3019", "ID": "CVE-2019-3019",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3140.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3140", "ID": "CVE-2019-3140",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3616.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3616", "ID": "CVE-2019-3616",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3761.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3761", "ID": "CVE-2019-3761",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3974.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3974", "ID": "CVE-2019-3974",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4441.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4441", "ID": "CVE-2019-4441",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4480.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4480", "ID": "CVE-2019-4480",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4629.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4629", "ID": "CVE-2019-4629",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/4xxx/CVE-2019-4892.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4892", "ID": "CVE-2019-4892",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6317.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6317", "ID": "CVE-2019-6317",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7155.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7155", "ID": "CVE-2019-7155",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7457.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7457", "ID": "CVE-2019-7457",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7459.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7459", "ID": "CVE-2019-7459",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7501.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7501", "ID": "CVE-2019-7501",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7811.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7811", "ID": "CVE-2019-7811",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8162.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8162", "ID": "CVE-2019-8162",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8330.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8330", "ID": "CVE-2019-8330",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8930.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8930", "ID": "CVE-2019-8930",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/8xxx/CVE-2019-8938.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8938", "ID": "CVE-2019-8938",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/9xxx/CVE-2019-9310.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9310", "ID": "CVE-2019-9310",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2019/9xxx/CVE-2019-9484.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9484", "ID": "CVE-2019-9484",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the modem password (which is 1234), or reconfiguring \"party mode\" or \"vacation mode.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://medium.com/@SergiuSechel/insecure-permissions-in-glen-dimplex-deutschland-gmbh-implementation-of-carel-pcoweb-configuration-ca3896f24835", "description_data": [
"refsource" : "MISC", {
"url" : "https://medium.com/@SergiuSechel/insecure-permissions-in-glen-dimplex-deutschland-gmbh-implementation-of-carel-pcoweb-configuration-ca3896f24835" "lang": "eng",
} "value": "The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows remote attackers to obtain access via an HTTP session on port 10000, as demonstrated by reading the modem password (which is 1234), or reconfiguring \"party mode\" or \"vacation mode.\""
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://medium.com/@SergiuSechel/insecure-permissions-in-glen-dimplex-deutschland-gmbh-implementation-of-carel-pcoweb-configuration-ca3896f24835",
"refsource": "MISC",
"url": "https://medium.com/@SergiuSechel/insecure-permissions-in-glen-dimplex-deutschland-gmbh-implementation-of-carel-pcoweb-configuration-ca3896f24835"
}
]
}
} }

118
2019/9xxx/CVE-2019-9748.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9748", "ID": "CVE-2019-9748",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompress_nlabel in mdns.c and a crash of the server (depending on the memory protection of the CPU and the operating system), or disclosure of memory content via error messages or a server response. NOTE: the product's web site states \"This project is un-maintained, and has been since 2013. ... There are known vulnerabilities ... You are advised to NOT use this library for any new projects / products.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bitbucket.org/geekman/tinysvcmdns/issues/10/arbitrary-memory-read-while-parsing", "description_data": [
"refsource" : "MISC", {
"url" : "https://bitbucket.org/geekman/tinysvcmdns/issues/10/arbitrary-memory-read-while-parsing" "lang": "eng",
} "value": "In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompress_nlabel in mdns.c and a crash of the server (depending on the memory protection of the CPU and the operating system), or disclosure of memory content via error messages or a server response. NOTE: the product's web site states \"This project is un-maintained, and has been since 2013. ... There are known vulnerabilities ... You are advised to NOT use this library for any new projects / products.\""
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bitbucket.org/geekman/tinysvcmdns/issues/10/arbitrary-memory-read-while-parsing",
"refsource": "MISC",
"url": "https://bitbucket.org/geekman/tinysvcmdns/issues/10/arbitrary-memory-read-while-parsing"
}
]
}
} }