admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:51:45 +00:00
parent 534632b64f
commit 864dc53e97
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
60 changed files with 3684 additions and 3684 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
2007/2xxx/CVE-2007-2247.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2247", "ID": "CVE-2007-2247",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in modules/news/article.php in phpMySpace Gold 8.10 allows remote attackers to execute arbitrary SQL commands via the item_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070422 phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/466706/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in modules/news/article.php in phpMySpace Gold 8.10 allows remote attackers to execute arbitrary SQL commands via the item_id parameter."
{ }
"name" : "23602", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23602" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1515", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1515" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35639", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/35639" ]
}, },
{ "references": {
"name" : "2616", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2616" "name": "phpmyspace-article-sql-injection(33843)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33843"
"name" : "phpmyspace-article-sql-injection(33843)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33843" "name": "23602",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/23602"
} },
{
"name": "35639",
"refsource": "OSVDB",
"url": "http://osvdb.org/35639"
},
{
"name": "20070422 phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466706/100/0/threaded"
},
{
"name": "ADV-2007-1515",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1515"
},
{
"name": "2616",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2616"
}
]
}
} }

128
2007/2xxx/CVE-2007-2354.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2354", "ID": "CVE-2007-2354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing \"wsbroker1/webutil/about.r\", which reveals the operating system and product information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070429 Flaw in about.r OS and Progress version disclosure", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/467184/100/0/threaded" "lang": "eng",
}, "value": "Progress Webspeed Messenger allows remote attackers to obtain sensitive information via a WService parameter containing \"wsbroker1/webutil/about.r\", which reveals the operating system and product information."
{ }
"name" : "http://www.ishare.nl/", ]
"refsource" : "MISC", },
"url" : "http://www.ishare.nl/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070429 Flaw in about.r OS and Progress version disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/467184/100/0/threaded"
},
{
"name": "http://www.ishare.nl/",
"refsource": "MISC",
"url": "http://www.ishare.nl/"
}
]
}
} }

198
2007/2xxx/CVE-2007-2390.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2390", "ID": "CVE-2007-2390",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=305530", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305530" "lang": "eng",
}, "value": "Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Internet Gateway Device (IGD) packet."
{ }
"name" : "APPLE-SA-2007-05-24", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#116100", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/116100" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24144", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/24144" ]
}, },
{ "references": {
"name" : "ADV-2007-1939", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1939" "name": "http://docs.info.apple.com/article.html?artnum=305530",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305530"
"name" : "35141", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/35141" "name": "macos-ichat-bo(34502)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34502"
"name" : "1018119", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018119" "name": "ADV-2007-1939",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1939"
"name" : "25402", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25402" "name": "APPLE-SA-2007-05-24",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
"name" : "macos-ichat-bo(34502)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34502" "name": "25402",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25402"
} },
{
"name": "VU#116100",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/116100"
},
{
"name": "24144",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24144"
},
{
"name": "1018119",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018119"
},
{
"name": "35141",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/35141"
}
]
}
} }

168
2007/2xxx/CVE-2007-2779.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2779", "ID": "CVE-2007-2779",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in template_csv.php in Libstats 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rInfo[content] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3948", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3948" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in template_csv.php in Libstats 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rInfo[content] parameter."
{ }
"name" : "24047", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24047" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1880", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1880" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36233", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36233" ]
}, },
{ "references": {
"name" : "25342", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25342" "name": "36233",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36233"
"name" : "libstats-templatecsv-file-include(34369)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34369" "name": "24047",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/24047"
} },
{
"name": "ADV-2007-1880",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1880"
},
{
"name": "3948",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3948"
},
{
"name": "libstats-templatecsv-file-include(34369)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34369"
},
{
"name": "25342",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25342"
}
]
}
} }

158
2007/3xxx/CVE-2007-3165.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3165", "ID": "CVE-2007-3165",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[or-announce] 20070525 Tor 0.1.2.14 is released", "description_data": [
"refsource" : "MLIST", {
"url" : "http://archives.seul.org/or/announce/May-2007/msg00000.html" "lang": "eng",
}, "value": "Tor before 0.1.2.14 can construct circuits in which an entry guard is in the same family as the exit node, which might compromise the anonymity of traffic sources and destinations by exposing traffic to inappropriate remote observers."
{ }
"name" : "24180", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24180" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-1964", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1964" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35670", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/35670" ]
}, },
{ "references": {
"name" : "25415", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25415" "name": "25415",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/25415"
} },
{
"name": "ADV-2007-1964",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1964"
},
{
"name": "35670",
"refsource": "OSVDB",
"url": "http://osvdb.org/35670"
},
{
"name": "24180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24180"
},
{
"name": "[or-announce] 20070525 Tor 0.1.2.14 is released",
"refsource": "MLIST",
"url": "http://archives.seul.org/or/announce/May-2007/msg00000.html"
}
]
}
} }

168
2007/3xxx/CVE-2007-3275.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3275", "ID": "CVE-2007-3275",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MailWasher Server before 2.2.1, when used with LDAP or Active Directory (AD), does not properly handle blank passwords, which allows remote attackers to access an arbitrary user account and read the spam e-mail messages stored for that account, possibly related to the LoginCheck::doPost function in mwi/servlet/Login.cpp. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=515127", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=515127" "lang": "eng",
}, "value": "MailWasher Server before 2.2.1, when used with LDAP or Active Directory (AD), does not properly handle blank passwords, which allows remote attackers to access an arbitrary user account and read the spam e-mail messages stored for that account, possibly related to the LoginCheck::doPost function in mwi/servlet/Login.cpp. NOTE: some of these details are obtained from third party information."
{ }
"name" : "24507", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24507" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2239", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2239" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37538", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37538" ]
}, },
{ "references": {
"name" : "25695", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25695" "name": "25695",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25695"
"name" : "mailwasher-logincheck-unauthorized-access(34925)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34925" "name": "37538",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/37538"
} },
{
"name": "ADV-2007-2239",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2239"
},
{
"name": "mailwasher-logincheck-unauthorized-access(34925)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34925"
},
{
"name": "24507",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24507"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=515127",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=515127"
}
]
}
} }

148
2007/3xxx/CVE-2007-3548.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3548", "ID": "CVE-2007-3548",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a client that is sending a file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4126", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4126" "lang": "eng",
}, "value": "Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a client that is sending a file."
{ }
"name" : "24709", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24709" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45745", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45745" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "w3filer-banner-bo(35184)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35184" ]
} },
] "references": {
} "reference_data": [
{
"name": "w3filer-banner-bo(35184)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35184"
},
{
"name": "24709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24709"
},
{
"name": "45745",
"refsource": "OSVDB",
"url": "http://osvdb.org/45745"
},
{
"name": "4126",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4126"
}
]
}
} }

218
2007/3xxx/CVE-2007-3814.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3814", "ID": "CVE-2007-3814",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the idurlo field in the delete_urlo function in (a) index.php in the urlobox module; the iden field in the (2) update_file and (3) del_file functions in (b) index.php in the reviews module; the (4) idnews field in the delete_news function and the (5) idcomm field in the del_comment function in (c) index.php in the news module; the (6) idcomm field in the delete_comments function in (d) index.php in the gallery module; the iden field in the (7) edit_file, (8) update_file, and (9) del_file functions in index.php in the gallery module; the (10) ide and (11) cat fields in the slide_update function in index.php in the gallery module; the iden field in the (12) update_file and (13) del_file functions in (d) index.php in the downloads module; and other unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070712 MkPortal - Multiple SQL Injection Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/473495/100/0/threaded" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in MKPortal 1.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the idurlo field in the delete_urlo function in (a) index.php in the urlobox module; the iden field in the (2) update_file and (3) del_file functions in (b) index.php in the reviews module; the (4) idnews field in the delete_news function and the (5) idcomm field in the del_comment function in (c) index.php in the news module; the (6) idcomm field in the delete_comments function in (d) index.php in the gallery module; the iden field in the (7) edit_file, (8) update_file, and (9) del_file functions in index.php in the gallery module; the (10) ide and (11) cat fields in the slide_update function in index.php in the gallery module; the iden field in the (12) update_file and (13) del_file functions in (d) index.php in the downloads module; and other unspecified vectors."
{ }
"name" : "4179", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/4179" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24886", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24886" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24891", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/24891" ]
}, },
{ "references": {
"name" : "41719", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41719" "name": "41722",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41722"
"name" : "41720", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41720" "name": "41721",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41721"
"name" : "41721", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41721" "name": "41723",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41723"
"name" : "41722", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41722" "name": "24886",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24886"
"name" : "41723", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41723" "name": "20070712 MkPortal - Multiple SQL Injection Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/473495/100/0/threaded"
"name" : "2894", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2894" "name": "24891",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24891"
"name" : "mkportal-multiple-sql-injection(35391)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35391" "name": "4179",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/4179"
} },
{
"name": "2894",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2894"
},
{
"name": "mkportal-multiple-sql-injection(35391)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35391"
},
{
"name": "41719",
"refsource": "OSVDB",
"url": "http://osvdb.org/41719"
},
{
"name": "41720",
"refsource": "OSVDB",
"url": "http://osvdb.org/41720"
}
]
}
} }

148
2007/4xxx/CVE-2007-4332.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4332", "ID": "CVE-2007-4332",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in article.php in Article Dashboard, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "25309", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25309" "lang": "eng",
}, "value": "SQL injection vulnerability in article.php in Article Dashboard, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a print action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "36422", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/36422" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26163", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26163" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "article-article-sql-injection(35977)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35977" ]
} },
] "references": {
} "reference_data": [
{
"name": "36422",
"refsource": "OSVDB",
"url": "http://osvdb.org/36422"
},
{
"name": "26163",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26163"
},
{
"name": "25309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25309"
},
{
"name": "article-article-sql-injection(35977)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35977"
}
]
}
} }

138
2007/4xxx/CVE-2007-4356.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4356", "ID": "CVE-2007-4356",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) .html, or (3) .mht file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://blog.washingtonpost.com/securityfix/2007/08/ftp_files_expose_web_site_cred.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://blog.washingtonpost.com/securityfix/2007/08/ftp_files_expose_web_site_cred.html" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6 and 7 embeds FTP credentials in HTML files that are retrieved during an FTP session, which allows context-dependent attackers to obtain sensitive information by reading the HTML source, as demonstrated by a (1) .htm, (2) .html, or (3) .mht file."
{ }
"name" : "36400", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/36400" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26427", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26427" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "36400",
"refsource": "OSVDB",
"url": "http://osvdb.org/36400"
},
{
"name": "26427",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26427"
},
{
"name": "http://blog.washingtonpost.com/securityfix/2007/08/ftp_files_expose_web_site_cred.html",
"refsource": "MISC",
"url": "http://blog.washingtonpost.com/securityfix/2007/08/ftp_files_expose_web_site_cred.html"
}
]
}
} }

118
2007/4xxx/CVE-2007-4528.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4528", "ID": "CVE-2007-4528",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. NOTE: this issue does not cross privilege boundaries in most contexts, so perhaps it should not be included in CVE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4311", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4311" "lang": "eng",
} "value": "The Foreign Function Interface (ffi) extension in PHP 5.0.5 does not follow safe_mode restrictions, which allows context-dependent attackers to execute arbitrary code by loading an arbitrary DLL and calling a function, as demonstrated by kernel32.dll and the WinExec function. NOTE: this issue does not cross privilege boundaries in most contexts, so perhaps it should not be included in CVE."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4311",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4311"
}
]
}
} }

178
2007/4xxx/CVE-2007-4561.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4561", "ID": "CVE-2007-4561",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070824 [MU-200708-01] Helix DNA Server Heap Corruption", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://marc.info/?l=full-disclosure&m=118800391412961&w=2" "lang": "eng",
}, "value": "Heap-based buffer overflow in the RTSP service in Helix DNA Server before 11.1.4 allows remote attackers to execute arbitrary code via an RSTP command containing multiple Require headers."
{ }
"name" : "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt", ]
"refsource" : "MISC", },
"url" : "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25440", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25440" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2986", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2986" ]
}, },
{ "references": {
"name" : "1018605", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018605" "name": "25440",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25440"
"name" : "26609", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26609" "name": "20070824 [MU-200708-01] Helix DNA Server Heap Corruption",
}, "refsource": "FULLDISC",
{ "url": "http://marc.info/?l=full-disclosure&m=118800391412961&w=2"
"name" : "3069", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3069" "name": "ADV-2007-2986",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/2986"
} },
{
"name": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt",
"refsource": "MISC",
"url": "http://labs.musecurity.com/wp-content/uploads/2007/08/mu-200708-01.txt"
},
{
"name": "26609",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26609"
},
{
"name": "1018605",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018605"
},
{
"name": "3069",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3069"
}
]
}
} }

188
2007/4xxx/CVE-2007-4690.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4690", "ID": "CVE-2007-4690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=307041", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307041" "lang": "eng",
}, "value": "Double free vulnerability in the NFS component in Apple Mac OS X 10.4 through 10.4.10 allows remote authenticated users to execute arbitrary code via a crafted AUTH_UNIX RPC packet."
{ }
"name" : "APPLE-SA-2007-11-14", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-319A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26444", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26444" ]
}, },
{ "references": {
"name" : "ADV-2007-3868", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3868" "name": "macosx-nfs-authunix-code-execution(38477)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38477"
"name" : "1018949", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018949" "name": "26444",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26444"
"name" : "27643", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27643" "name": "APPLE-SA-2007-11-14",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
"name" : "macosx-nfs-authunix-code-execution(38477)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38477" "name": "http://docs.info.apple.com/article.html?artnum=307041",
} "refsource": "CONFIRM",
] "url": "http://docs.info.apple.com/article.html?artnum=307041"
} },
{
"name": "ADV-2007-3868",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name": "1018949",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018949"
},
{
"name": "27643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27643"
},
{
"name": "TA07-319A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
}
]
}
} }

208
2007/4xxx/CVE-2007-4732.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4732", "ID": "CVE-2007-4732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-374.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-374.htm" "lang": "eng",
}, "value": "Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function."
{ }
"name" : "103009", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103009-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25510", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25510" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-3031", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/3031" ]
}, },
{ "references": {
"name" : "37323", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37323" "name": "solaris-strfreectty-dos(36379)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36379"
"name" : "oval:org.mitre.oval:def:2173", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2173" "name": "oval:org.mitre.oval:def:2173",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2173"
"name" : "1018643", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018643" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-374.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-374.htm"
"name" : "26528", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26528" "name": "1018643",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018643"
"name" : "26731", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26731" "name": "103009",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103009-1"
"name" : "solaris-strfreectty-dos(36379)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36379" "name": "26528",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/26528"
} },
{
"name": "26731",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26731"
},
{
"name": "37323",
"refsource": "OSVDB",
"url": "http://osvdb.org/37323"
},
{
"name": "ADV-2007-3031",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3031"
},
{
"name": "25510",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25510"
}
]
}
} }

168
2007/6xxx/CVE-2007-6569.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6569", "ID": "CVE-2007-6569",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.sun.com/app/docs/doc/820-2499/aeaaa?a=view", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.sun.com/app/docs/doc/820-2499/aeaaa?a=view" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246."
{ }
"name" : "103002", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103002-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26978", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26978" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-4313", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/4313" ]
}, },
{ "references": {
"name" : "28186", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28186" "name": "26978",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26978"
"name" : "28216", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28216" "name": "28216",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/28216"
} },
{
"name": "103002",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103002-1"
},
{
"name": "28186",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28186"
},
{
"name": "http://docs.sun.com/app/docs/doc/820-2499/aeaaa?a=view",
"refsource": "CONFIRM",
"url": "http://docs.sun.com/app/docs/doc/820-2499/aeaaa?a=view"
},
{
"name": "ADV-2007-4313",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4313"
}
]
}
} }

178
2010/1xxx/CVE-2010-1750.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-1750", "ID": "CVE-2010-1750",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT4196", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT4196" "lang": "eng",
}, "value": "Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to improper window management."
{ }
"name" : "APPLE-SA-2010-06-07-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40620", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/40620" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:7143", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7143" ]
}, },
{ "references": {
"name" : "1024067", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1024067" "name": "APPLE-SA-2010-06-07-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00000.html"
"name" : "40105", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/40105" "name": "40105",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/40105"
"name" : "ADV-2010-1373", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2010/1373" "name": "ADV-2010-1373",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2010/1373"
} },
{
"name": "oval:org.mitre.oval:def:7143",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7143"
},
{
"name": "40620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40620"
},
{
"name": "1024067",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024067"
},
{
"name": "http://support.apple.com/kb/HT4196",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4196"
}
]
}
} }

168
2010/5xxx/CVE-2010-5327.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5327", "ID": "CVE-2010-5327",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://dev.liferay.com/web/community-security-team/known-vulnerabilities", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://dev.liferay.com/web/community-security-team/known-vulnerabilities" "lang": "eng",
}, "value": "Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template."
{ }
"name" : "https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates", ]
"refsource" : "CONFIRM", },
"url" : "https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://issues.liferay.com/browse/LPE-14964", ]
"refsource" : "CONFIRM", }
"url" : "https://issues.liferay.com/browse/LPE-14964" ]
}, },
{ "references": {
"name" : "https://issues.liferay.com/browse/LPS-64547", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.liferay.com/browse/LPS-64547" "name": "https://issues.liferay.com/browse/LPS-7087",
}, "refsource": "CONFIRM",
{ "url": "https://issues.liferay.com/browse/LPS-7087"
"name" : "https://issues.liferay.com/browse/LPS-7087", },
"refsource" : "CONFIRM", {
"url" : "https://issues.liferay.com/browse/LPS-7087" "name": "https://issues.liferay.com/browse/LPE-14964",
} "refsource": "CONFIRM",
] "url": "https://issues.liferay.com/browse/LPE-14964"
} },
{
"name": "https://dev.liferay.com/web/community-security-team/known-vulnerabilities",
"refsource": "CONFIRM",
"url": "https://dev.liferay.com/web/community-security-team/known-vulnerabilities"
},
{
"name": "https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91",
"refsource": "CONFIRM",
"url": "https://github.com/liferay/liferay-portal/commit/90c4e85a8f8135f069f3f05e4d54a77704769f91"
},
{
"name": "https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates",
"refsource": "CONFIRM",
"url": "https://dev.liferay.com/web/community-security-team/known-vulnerabilities/-/asset_publisher/4AHAYapUm8Xc/content/lps-64547-remote-code-execution-and-privilege-escalation-in-templates"
},
{
"name": "https://issues.liferay.com/browse/LPS-64547",
"refsource": "CONFIRM",
"url": "https://issues.liferay.com/browse/LPS-64547"
}
]
}
} }

138
2014/0xxx/CVE-2014-0742.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-0742", "ID": "CVE-2014-0742",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=33045", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=33045" "lang": "eng",
}, "value": "The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464."
{ }
"name" : "20140225 Cisco Unified Communications Manager CAPF CSR Arbitrary File Read/Write Vulnerability", ]
"refsource" : "CISCO", },
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0742" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1029843", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029843" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33045",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33045"
},
{
"name": "20140225 Cisco Unified Communications Manager CAPF CSR Arbitrary File Read/Write Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0742"
},
{
"name": "1029843",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029843"
}
]
}
} }

128
2014/100xxx/CVE-2014-100029.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-100029", "ID": "CVE-2014-100029",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/125464", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/125464" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme parameter."
{ }
"name" : "ganesha-gdl-dir-traversal(91555)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91555" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ganesha-gdl-dir-traversal(91555)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91555"
},
{
"name": "http://packetstormsecurity.com/files/125464",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125464"
}
]
}
} }

32
2014/1xxx/CVE-2014-1288.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2014-1288", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2014-1288",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
} }
] ]
} }
} }

148
2014/1xxx/CVE-2014-1313.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1313", "ID": "CVE-2014-1313",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT6537", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT6537" "lang": "eng",
}, "value": "WebKit, as used in Apple Safari before 6.1.3 and 7.x before 7.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-04-01-1."
{ }
"name" : "APPLE-SA-2014-04-01-1", ]
"refsource" : "APPLE", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2014-04-22-2", "description": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2014-04-22-3", ]
"refsource" : "APPLE", }
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html" ]
} },
] "references": {
} "reference_data": [
{
"name": "APPLE-SA-2014-04-22-2",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html"
},
{
"name": "https://support.apple.com/kb/HT6537",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6537"
},
{
"name": "APPLE-SA-2014-04-22-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html"
},
{
"name": "APPLE-SA-2014-04-01-1",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-04/0009.html"
}
]
}
} }

168
2014/1xxx/CVE-2014-1357.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2014-1357", "ID": "CVE-2014-1357",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT6296", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT6296" "lang": "eng",
}, "value": "Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that generates log messages."
{ }
"name" : "APPLE-SA-2014-06-30-2", ]
"refsource" : "APPLE", },
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2014-06-30-3", "description": [
"refsource" : "APPLE", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2014-06-30-4", ]
"refsource" : "APPLE", }
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html" ]
}, },
{ "references": {
"name" : "1030500", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030500" "name": "http://support.apple.com/kb/HT6296",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT6296"
"name" : "59475", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59475" "name": "APPLE-SA-2014-06-30-2",
} "refsource": "APPLE",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0172.html"
} },
{
"name": "APPLE-SA-2014-06-30-4",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0175.html"
},
{
"name": "APPLE-SA-2014-06-30-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-06/0174.html"
},
{
"name": "59475",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59475"
},
{
"name": "1030500",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030500"
}
]
}
} }

32
2014/1xxx/CVE-2014-1687.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1687", "ID": "CVE-2014-1687",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2014/1xxx/CVE-2014-1842.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1842", "ID": "CVE-2014-1842",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "31579", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/31579" "lang": "eng",
}, "value": "Directory traversal vulnerability in the web interface in Titan FTP Server before 10.40 build 1829 allows remote attackers to list all usernames via a Go action with a .. (dot dot) in the search-bar value."
{ }
"name" : "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "103196", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/103196" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "103196",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/103196"
},
{
"name": "31579",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31579"
},
{
"name": "20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843]",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2014-02/0092.html"
}
]
}
} }

138
2014/5xxx/CVE-2014-5284.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5284", "ID": "CVE-2014-5284",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "35234", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/35234" "lang": "eng",
}, "value": "host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed."
{ }
"name" : "http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/ossec/ossec-hids/releases/tag/2.8.1", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ossec/ossec-hids/releases/tag/2.8.1" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "35234",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/35234"
},
{
"name": "http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html"
},
{
"name": "https://github.com/ossec/ossec-hids/releases/tag/2.8.1",
"refsource": "CONFIRM",
"url": "https://github.com/ossec/ossec-hids/releases/tag/2.8.1"
}
]
}
} }

32
2014/5xxx/CVE-2014-5310.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5310", "ID": "CVE-2014-5310",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

138
2014/5xxx/CVE-2014-5618.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5618", "ID": "CVE-2014-5618",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Cartoon Camera (aka com.fingersoft.cartooncamera) application 1.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Cartoon Camera (aka com.fingersoft.cartooncamera) application 1.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#164409", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/164409" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#164409",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/164409"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
} }

188
2015/2xxx/CVE-2015-2319.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2319", "ID": "CVE-2015-2319",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the \"FREAK\" issue, a different vulnerability than CVE-2015-0204."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150317 Re: Mono TLS vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/03/17/9" "lang": "eng",
}, "value": "The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the \"FREAK\" issue, a different vulnerability than CVE-2015-0204."
{ }
"name" : "https://mitls.org/pages/attacks/SMACK#freak", ]
"refsource" : "MISC", },
"url" : "https://mitls.org/pages/attacks/SMACK#freak" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1202869", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1202869" ]
}, },
{ "references": {
"name" : "https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10" "name": "USN-2547-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2547-1"
"name" : "DSA-3202", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2015/dsa-3202" "name": "73250",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/73250"
"name" : "USN-2547-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2547-1" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1202869"
"name" : "73250", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73250" "name": "https://mitls.org/pages/attacks/SMACK#freak",
} "refsource": "MISC",
] "url": "https://mitls.org/pages/attacks/SMACK#freak"
} },
{
"name": "[oss-security] 20150317 Re: Mono TLS vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/17/9"
},
{
"name": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/",
"refsource": "CONFIRM",
"url": "http://www.mono-project.com/news/2015/03/07/mono-tls-vulnerability/"
},
{
"name": "DSA-3202",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2015/dsa-3202"
},
{
"name": "https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10",
"refsource": "CONFIRM",
"url": "https://github.com/mono/mono/commit/9c38772f094168d8bfd5bc73bf8925cd04faad10"
}
]
}
} }

148
2015/2xxx/CVE-2015-2455.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2455", "ID": "CVE-2015-2455",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka \"TrueType Font Parsing Vulnerability,\" a different vulnerability than CVE-2015-2456."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "37919", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/37919/" "lang": "eng",
}, "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, Silverlight before 5.1.40728, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka \"TrueType Font Parsing Vulnerability,\" a different vulnerability than CVE-2015-2456."
{ }
"name" : "MS15-080", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "76216", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76216" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1033238", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1033238" ]
} },
] "references": {
} "reference_data": [
{
"name": "MS15-080",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080"
},
{
"name": "37919",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37919/"
},
{
"name": "1033238",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033238"
},
{
"name": "76216",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76216"
}
]
}
} }

128
2015/2xxx/CVE-2015-2474.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2474", "ID": "CVE-2015-2474",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka \"Server Message Block Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-083", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-083" "lang": "eng",
}, "value": "Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka \"Server Message Block Memory Corruption Vulnerability.\""
{ }
"name" : "1033243", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033243" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033243",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033243"
},
{
"name": "MS15-083",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-083"
}
]
}
} }

138
2015/2xxx/CVE-2015-2484.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2484", "ID": "CVE-2015-2484",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 and 11 uses an incorrect flag during certain filesystem accesses, which allows remote attackers to delete arbitrary files via unspecified vectors, aka \"Tampering Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-094", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" "lang": "eng",
}, "value": "Microsoft Internet Explorer 10 and 11 uses an incorrect flag during certain filesystem accesses, which allows remote attackers to delete arbitrary files via unspecified vectors, aka \"Tampering Vulnerability.\""
{ }
"name" : "76586", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/76586" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033487", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033487" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-094",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
},
{
"name": "76586",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76586"
},
{
"name": "1033487",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033487"
}
]
}
} }

168
2015/2xxx/CVE-2015-2755.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2755", "ID": "CVE-2015-2755",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150321 CSRF/Stored XSS Vulnerability in AB Google Map Travel (AB-MAP) Wordpress Plugin", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/534954/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php."
{ }
"name" : "20150327 CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/535026/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/130960/WordPress-AB-Google-Map-Travel-CSRF-XSS.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/130960/WordPress-AB-Google-Map-Travel-CSRF-XSS.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://packetstormsecurity.com/files/131155/WordPress-Google-Map-Travel-3.4-XSS-CSRF.html", ]
"refsource" : "MISC", }
"url" : "http://packetstormsecurity.com/files/131155/WordPress-Google-Map-Travel-3.4-XSS-CSRF.html" ]
}, },
{ "references": {
"name" : "https://wordpress.org/plugins/ab-google-map-travel/changelog/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://wordpress.org/plugins/ab-google-map-travel/changelog/" "name": "20150321 CSRF/Stored XSS Vulnerability in AB Google Map Travel (AB-MAP) Wordpress Plugin",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/534954/100/0/threaded"
"name" : "71417", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/71417" "name": "20150327 CVE-2015-2755 WordPress AB Google Map Travel CSRF / XSS",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/535026/100/0/threaded"
} },
{
"name": "http://packetstormsecurity.com/files/131155/WordPress-Google-Map-Travel-3.4-XSS-CSRF.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131155/WordPress-Google-Map-Travel-3.4-XSS-CSRF.html"
},
{
"name": "71417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71417"
},
{
"name": "http://packetstormsecurity.com/files/130960/WordPress-AB-Google-Map-Travel-CSRF-XSS.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130960/WordPress-AB-Google-Map-Travel-CSRF-XSS.html"
},
{
"name": "https://wordpress.org/plugins/ab-google-map-travel/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/ab-google-map-travel/changelog/"
}
]
}
} }

138
2015/6xxx/CVE-2015-6325.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6325", "ID": "CVE-2015-6325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.4), 9.2 before 9.2(4), 9.3 before 9.3(3.1), and 9.4 before 9.4(1.1) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCut03495."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151021 Cisco ASA Software DNS Denial of Service Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1" "lang": "eng",
}, "value": "Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8.4(7.29), 8.5 through 8.7 before 8.7(1.17), 9.0 before 9.0(4.37), 9.1 before 9.1(6.4), 9.2 before 9.2(4), 9.3 before 9.3(3.1), and 9.4 before 9.4(1.1) allows remote attackers to cause a denial of service (device reload) via a crafted DNS response, aka Bug ID CSCut03495."
{ }
"name" : "77260", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/77260" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033913", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033913" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20151021 Cisco ASA Software DNS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dns1"
},
{
"name": "1033913",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033913"
},
{
"name": "77260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77260"
}
]
}
} }

118
2015/6xxx/CVE-2015-6596.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-6596", "ID": "CVE-2015-6596",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bugs 20731946 and 20719651, a different vulnerability than CVE-2015-7717."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)", "description_data": [
"refsource" : "MLIST", {
"url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ" "lang": "eng",
} "value": "mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bugs 20731946 and 20719651, a different vulnerability than CVE-2015-7717."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[android-security-updates] 20151005 Nexus Security Bulletin (October 2015)",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/_Rm-lKnS2M8/dGTcilt0CAAJ"
}
]
}
} }

32
2016/1000xxx/CVE-2016-1000235.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000235", "ID": "CVE-2016-1000235",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

148
2016/10xxx/CVE-2016-10025.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10025", "ID": "CVE-2016-10025",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://xenbits.xen.org/xsa/advisory-203.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://xenbits.xen.org/xsa/advisory-203.html" "lang": "eng",
}, "value": "VMFUNC emulation in Xen 4.6.x through 4.8.x on x86 systems using AMD virtualization extensions (aka SVM) allows local HVM guest OS users to cause a denial of service (hypervisor crash) by leveraging a missing NULL pointer check."
{ }
"name" : "https://support.citrix.com/article/CTX219378", ]
"refsource" : "CONFIRM", },
"url" : "https://support.citrix.com/article/CTX219378" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "95026", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95026" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1037518", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1037518" ]
} },
] "references": {
} "reference_data": [
{
"name": "95026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95026"
},
{
"name": "http://xenbits.xen.org/xsa/advisory-203.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-203.html"
},
{
"name": "https://support.citrix.com/article/CTX219378",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX219378"
},
{
"name": "1037518",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037518"
}
]
}
} }

138
2016/10xxx/CVE-2016-10237.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-10237", "ID": "CVE-2016-10237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm Products", "product_name": "All Qualcomm Products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Input Validation in TrustZone"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-04-01" "lang": "eng",
}, "value": "If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory."
{ }
"name" : "97334", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97334" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038201", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038201" "lang": "eng",
} "value": "Improper Input Validation in TrustZone"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name": "97334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97334"
},
{
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
}
]
}
} }

128
2016/10xxx/CVE-2016-10331.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@synology.com", "ASSIGNER": "security@synology.com",
"ID" : "CVE-2016-10331", "ID": "CVE-2016-10331",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Synology Photo Station", "product_name": "Synology Photo Station",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions prior to version 6.5.3-3226" "version_value": "All versions prior to version 6.5.3-3226"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Synology" "vendor_name": "Synology"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Directory Traversal (CWE-22)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bamboofox.github.io/2017/03/20/Synology-Bug-Bounty-2016/#Vul-06-Local-File-Inclusion", "description_data": [
"refsource" : "MISC", {
"url" : "https://bamboofox.github.io/2017/03/20/Synology-Bug-Bounty-2016/#Vul-06-Local-File-Inclusion" "lang": "eng",
}, "value": "Directory traversal vulnerability in download.php in Synology Photo Station before 6.5.3-3226 allows remote attackers to read arbitrary files via a full pathname in the id parameter."
{ }
"name" : "https://www.synology.com/en-global/support/security/Photo_Station_6_5_3_3226", ]
"refsource" : "CONFIRM", },
"url" : "https://www.synology.com/en-global/support/security/Photo_Station_6_5_3_3226" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Directory Traversal (CWE-22)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.synology.com/en-global/support/security/Photo_Station_6_5_3_3226",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/support/security/Photo_Station_6_5_3_3226"
},
{
"name": "https://bamboofox.github.io/2017/03/20/Synology-Bug-Bounty-2016/#Vul-06-Local-File-Inclusion",
"refsource": "MISC",
"url": "https://bamboofox.github.io/2017/03/20/Synology-Bug-Bounty-2016/#Vul-06-Local-File-Inclusion"
}
]
}
} }

120
2016/10xxx/CVE-2016-10622.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10622", "ID": "CVE-2016-10622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "nodeschnaps node module", "product_name": "nodeschnaps node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "nodeschnaps is a NodeJS compatibility layer for Java (Rhino). nodeschnaps downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/212", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/212" "lang": "eng",
} "value": "nodeschnaps is a NodeJS compatibility layer for Java (Rhino). nodeschnaps downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/212",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/212"
}
]
}
} }

128
2016/10xxx/CVE-2016-10705.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10705", "ID": "CVE-2016-10705",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jetpack.com/2016/06/20/jetpack-4-0-4-bug-fixes/", "description_data": [
"refsource" : "MISC", {
"url" : "https://jetpack.com/2016/06/20/jetpack-4-0-4-bug-fixes/" "lang": "eng",
}, "value": "The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module."
{ }
"name" : "https://wpvulndb.com/vulnerabilities/8517", ]
"refsource" : "MISC", },
"url" : "https://wpvulndb.com/vulnerabilities/8517" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jetpack.com/2016/06/20/jetpack-4-0-4-bug-fixes/",
"refsource": "MISC",
"url": "https://jetpack.com/2016/06/20/jetpack-4-0-4-bug-fixes/"
},
{
"name": "https://wpvulndb.com/vulnerabilities/8517",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/8517"
}
]
}
} }

118
2016/4xxx/CVE-2016-4420.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4420", "ID": "CVE-2016-4420",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.wireshark.org/security/wnpa-sec-2016-17.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.wireshark.org/security/wnpa-sec-2016-17.html" "lang": "eng",
} "value": "The NFS dissector in Wireshark 2.x before 2.0.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wireshark.org/security/wnpa-sec-2016-17.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2016-17.html"
}
]
}
} }

148
2016/4xxx/CVE-2016-4598.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4598", "ID": "CVE-2016-4598",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT206903", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT206903" "lang": "eng",
}, "value": "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image."
{ }
"name" : "APPLE-SA-2016-07-18-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91824", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91824" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1036348", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1036348" ]
} },
] "references": {
} "reference_data": [
{
"name": "91824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91824"
},
{
"name": "APPLE-SA-2016-07-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name": "1036348",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036348"
},
{
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206903"
}
]
}
} }

138
2016/4xxx/CVE-2016-4814.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4814", "ID": "CVE-2016-4814",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in kml2jsonp.php in Geospatial Information Authority of Japan (aka GSI) Old_GSI_Maps before January 2015 on Windows allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.gsi.go.jp/johofukyu/johofukyu40062.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.gsi.go.jp/johofukyu/johofukyu40062.html" "lang": "eng",
}, "value": "Directory traversal vulnerability in kml2jsonp.php in Geospatial Information Authority of Japan (aka GSI) Old_GSI_Maps before January 2015 on Windows allows remote attackers to read arbitrary files via unspecified vectors."
{ }
"name" : "JVN#13794955", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN13794955/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000090", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000090" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000090",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000090"
},
{
"name": "http://www.gsi.go.jp/johofukyu/johofukyu40062.html",
"refsource": "CONFIRM",
"url": "http://www.gsi.go.jp/johofukyu/johofukyu40062.html"
},
{
"name": "JVN#13794955",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN13794955/index.html"
}
]
}
} }

158
2016/4xxx/CVE-2016-4856.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-4856", "ID": "CVE-2016-4856",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Splunk Enterprise", "product_name": "Splunk Enterprise",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.3.x prior to 6.3.5" "version_value": "6.3.x prior to 6.3.5"
} }
] ]
} }
}, },
{ {
"product_name" : "Splunk Light", "product_name": "Splunk Light",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.3.x prior to 6.3.5" "version_value": "6.3.x prior to 6.3.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Splunk Inc." "vendor_name": "Splunk Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.splunk.com/view/SP-CAAAPN9", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.splunk.com/view/SP-CAAAPN9" "lang": "eng",
}, "value": "Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#71462075", ]
"refsource" : "JVN", },
"url" : "https://jvn.jp/en/jp/JVN71462075/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "92990", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92990" "lang": "eng",
} "value": "Cross-site scripting"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.splunk.com/view/SP-CAAAPN9",
"refsource": "CONFIRM",
"url": "https://www.splunk.com/view/SP-CAAAPN9"
},
{
"name": "JVN#71462075",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN71462075/index.html"
},
{
"name": "92990",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92990"
}
]
}
} }

32
2016/8xxx/CVE-2016-8957.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-8957", "ID": "CVE-2016-8957",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2016/9xxx/CVE-2016-9142.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9142", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9142",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

218
2016/9xxx/CVE-2016-9635.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9635", "ID": "CVE-2016-9635",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161123 Re: CVE Request: gstreamer plugins", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/11/24/2" "lang": "eng",
}, "value": "Heap-based buffer overflow in the flx_decode_delta_fli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by providing a 'skip count' that goes beyond initialized buffer."
{ }
"name" : "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html", ]
"refsource" : "MISC", },
"url" : "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.gnome.org/show_bug.cgi?id=774834", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.gnome.org/show_bug.cgi?id=774834" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", ]
"refsource" : "CONFIRM", }
"url" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2" ]
}, },
{ "references": {
"name" : "DSA-3723", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3723" "name": "DSA-3724",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3724"
"name" : "DSA-3724", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3724" "name": "RHSA-2017:0019",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0019.html"
"name" : "GLSA-201705-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201705-10" "name": "RHSA-2016:2975",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2975.html"
"name" : "RHSA-2016:2975", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2975.html" "name": "DSA-3723",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3723"
"name" : "RHSA-2017:0019", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0019.html" "name": "RHSA-2017:0020",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0020.html"
"name" : "RHSA-2017:0020", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0020.html" "name": "94499",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/94499"
"name" : "94499", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94499" "name": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2",
} "refsource": "CONFIRM",
] "url": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2"
} },
{
"name": "[oss-security] 20161123 Re: CVE Request: gstreamer plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/24/2"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=774834",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=774834"
},
{
"name": "GLSA-201705-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201705-10"
},
{
"name": "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html",
"refsource": "MISC",
"url": "https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html"
}
]
}
} }

264
2016/9xxx/CVE-2016-9899.json
View File

@ -1,135 +1,135 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-9899", "ID": "CVE-2016-9899",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "50.1" "version_value": "50.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Firefox ESR", "product_name": "Firefox ESR",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.6" "version_value": "45.6"
} }
] ]
} }
}, },
{ {
"product_name" : "Thunderbird", "product_name": "Thunderbird",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "45.6" "version_value": "45.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use-after-free while manipulating DOM events and audio elements"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "41042", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/41042/" "lang": "eng",
}, "value": "Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1317409", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1317409" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-94/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-94/" "lang": "eng",
}, "value": "Use-after-free while manipulating DOM events and audio elements"
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-95/", ]
"refsource" : "CONFIRM", }
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-95/" ]
}, },
{ "references": {
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-96/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-96/" "name": "https://www.mozilla.org/security/advisories/mfsa2016-94/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2016-94/"
"name" : "DSA-3757", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-3757" "name": "https://www.mozilla.org/security/advisories/mfsa2016-95/",
}, "refsource": "CONFIRM",
{ "url": "https://www.mozilla.org/security/advisories/mfsa2016-95/"
"name" : "GLSA-201701-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-15" "name": "94885",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/94885"
"name" : "RHSA-2016:2946", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2946.html" "name": "1037461",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037461"
"name" : "RHSA-2016:2973", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2973.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317409",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1317409"
"name" : "94885", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94885" "name": "GLSA-201701-15",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-15"
"name" : "1037461", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037461" "name": "DSA-3757",
} "refsource": "DEBIAN",
] "url": "https://www.debian.org/security/2017/dsa-3757"
} },
{
"name": "41042",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41042/"
},
{
"name": "RHSA-2016:2973",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2973.html"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-96/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-96/"
},
{
"name": "RHSA-2016:2946",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2946.html"
}
]
}
} }

32
2019/2xxx/CVE-2019-2138.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2138", "ID": "CVE-2019-2138",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/2xxx/CVE-2019-2147.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2147", "ID": "CVE-2019-2147",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/2xxx/CVE-2019-2225.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2225", "ID": "CVE-2019-2225",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/2xxx/CVE-2019-2411.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2411", "ID": "CVE-2019-2411",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Hospitality Cruise Shipboard Property Management System", "product_name": "Hospitality Cruise Shipboard Property Management System",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.8" "version_value": "8.0.8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). The supported version that is affected is 8.0.8. Easily exploitable vulnerability allows low privileged attacker with network access via TCP to compromise Oracle Hospitality Cruise Shipboard Property Management System. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Shipboard Property Management System, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Cruise Shipboard Property Management System as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Shipboard Property Management System accessible data. CVSS 3.0 Base Score 7.6 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via TCP to compromise Oracle Hospitality Cruise Shipboard Property Management System. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Shipboard Property Management System, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Cruise Shipboard Property Management System as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Shipboard Property Management System accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). The supported version that is affected is 8.0.8. Easily exploitable vulnerability allows low privileged attacker with network access via TCP to compromise Oracle Hospitality Cruise Shipboard Property Management System. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Shipboard Property Management System, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Cruise Shipboard Property Management System as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Shipboard Property Management System accessible data. CVSS 3.0 Base Score 7.6 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H)."
{ }
"name" : "106609", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106609" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows low privileged attacker with network access via TCP to compromise Oracle Hospitality Cruise Shipboard Property Management System. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Shipboard Property Management System, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Hospitality Cruise Shipboard Property Management System as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Shipboard Property Management System accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106609",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106609"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}
]
}
} }

32
2019/3xxx/CVE-2019-3097.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3097", "ID": "CVE-2019-3097",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/3xxx/CVE-2019-3884.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3884", "ID": "CVE-2019-3884",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6193.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6193", "ID": "CVE-2019-6193",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/6xxx/CVE-2019-6611.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6611", "ID": "CVE-2019-6611",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7045.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7045", "ID": "CVE-2019-7045",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7076.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7076", "ID": "CVE-2019-7076",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7521.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7521", "ID": "CVE-2019-7521",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2019/7xxx/CVE-2019-7936.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7936", "ID": "CVE-2019-7936",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }