admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:49:46 +00:00
parent bae8a3187b
commit 86657efbdb
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
72 changed files with 4703 additions and 4703 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/0xxx/CVE-1999-0700.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0700", "ID": "CVE-1999-0700",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "Q237185", "description_data": [
"refsource" : "MSKB", {
"url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q237185" "lang": "eng",
}, "value": "Buffer overflow in Microsoft Phone Dialer (dialer.exe), via a malformed dialer entry in the dialer.ini file."
{ }
"name" : "MS99-026", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-026" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS99-026",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-026"
},
{
"name": "Q237185",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q237185"
}
]
}
}

120
1999/0xxx/CVE-1999-0753.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0753", "ID": "CVE-1999-0753",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "591", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/591" "lang": "eng",
} "value": "The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "591",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/591"
}
]
}
}

120
1999/1xxx/CVE-1999-1174.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1174", "ID": "CVE-1999-1174",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.counterpane.com/crypto-gram-9812.html#doghouse", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.counterpane.com/crypto-gram-9812.html#doghouse" "lang": "eng",
} "value": "ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.counterpane.com/crypto-gram-9812.html#doghouse",
"refsource": "MISC",
"url": "http://www.counterpane.com/crypto-gram-9812.html#doghouse"
}
]
}
}

130
1999/1xxx/CVE-1999-1335.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1335", "ID": "CVE-1999-1335",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp" "lang": "eng",
}, "value": "snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information."
{ }
"name" : "cmusnmp-read-write(7251)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp",
"refsource": "CONFIRM",
"url": "http://www.redhat.com/support/errata/rh40-errata-general.html#cmu-snmp"
},
{
"name": "cmusnmp-read-write(7251)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7251"
}
]
}
}

120
1999/1xxx/CVE-1999-1353.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1353", "ID": "CVE-1999-1353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19990907 MsgCore mailserver stores passwords in clear text", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=93698162708211&w=2" "lang": "eng",
} "value": "Nosque MsgCore 2.14 stores passwords in cleartext: (1) the administrator password in the AdmPasswd registry key, and (2) user passwords in the Userbase.dbf data file, which could allow local users to gain privileges."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990907 MsgCore mailserver stores passwords in clear text",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=93698162708211&w=2"
}
]
}
}

130
2000/0xxx/CVE-2000-0064.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0064", "ID": "CVE-2000-0064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "938", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/938" "lang": "eng",
}, "value": "cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters."
{ }
"name" : "7583", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/7583" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7583",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7583"
},
{
"name": "938",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/938"
}
]
}
}

140
2000/0xxx/CVE-2000-0289.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0289", "ID": "CVE-2000-0289",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000327 Security Problems with Linux 2.2.x IP Masquerading", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html" "lang": "eng",
}, "value": "IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection."
{ }
"name" : "20000520 Security hole in kernel < 2.2.15", ]
"refsource" : "SUSE", },
"url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1078", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1078" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20000327 Security Problems with Linux 2.2.x IP Masquerading",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0284.html"
},
{
"name": "1078",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1078"
},
{
"name": "20000520 Security hole in kernel < 2.2.15",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_48.html"
}
]
}
}

140
2000/0xxx/CVE-2000-0305.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0305", "ID": "CVE-2000-0305",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the \"IP Fragment Reassembly\" vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000519 jolt2 - Remote DoS against NT, W2K, 9x", "description_data": [
"refsource" : "BINDVIEW", {
"url" : "http://www.securityfocus.com/templates/advisory.html?id=2240" "lang": "eng",
}, "value": "Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the \"IP Fragment Reassembly\" vulnerability."
{ }
"name" : "MS00-029", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1236", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1236" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "MS00-029",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-029"
},
{
"name": "20000519 jolt2 - Remote DoS against NT, W2K, 9x",
"refsource": "BINDVIEW",
"url": "http://www.securityfocus.com/templates/advisory.html?id=2240"
},
{
"name": "1236",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1236"
}
]
}
}

130
2000/0xxx/CVE-2000-0409.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0409", "ID": "CVE-2000-0409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000510 Possible symlink problems with Netscape 4.73", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html" "lang": "eng",
}, "value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
{ }
"name" : "1201", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1201" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1201"
},
{
"name": "20000510 Possible symlink problems with Netscape 4.73",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
}
]
}
}

170
2000/0xxx/CVE-2000-0471.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0471", "ID": "CVE-2000-0471",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000614 Vulnerability in Solaris ufsrestore", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html" "lang": "eng",
}, "value": "Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname."
{ }
"name" : "00210", ]
"refsource" : "SUN", },
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/210" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#36866", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/36866" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1348", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1348" ]
}, },
{ "references": {
"name" : "1398", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/1398" "name": "1348",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/1348"
"name" : "sol-ufsrestore-bo(4711)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4711" "name": "sol-ufsrestore-bo(4711)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4711"
} },
} {
"name": "20000614 Vulnerability in Solaris ufsrestore",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html"
},
{
"name": "00210",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/210"
},
{
"name": "1398",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1398"
},
{
"name": "VU#36866",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/36866"
}
]
}
}

150
2000/0xxx/CVE-2000-0869.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0869", "ID": "CVE-2000-0869",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "A090700-3", "description_data": [
"refsource" : "ATSTAKE", {
"url" : "http://www.atstake.com/research/advisories/2000/a090700-3.txt" "lang": "eng",
}, "value": "The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method."
{ }
"name" : "20000907", ]
"refsource" : "SUSE", },
"url" : "http://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1656", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1656" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "apache-webdav-directory-listings(5204)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5204" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20000907",
"refsource": "SUSE",
"url": "http://archives.neohapsis.com/archives/linux/suse/2000-q3/0906.html"
},
{
"name": "apache-webdav-directory-listings(5204)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5204"
},
{
"name": "A090700-3",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2000/a090700-3.txt"
},
{
"name": "1656",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1656"
}
]
}
}

150
2000/0xxx/CVE-2000-0894.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0894", "ID": "CVE-2000-0894",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20001214 Multiple vulnerabilities in the WatchGuard SOHO Firewall", "description_data": [
"refsource" : "ISS", {
"url" : "http://xforce.iss.net/alerts/advise70.php" "lang": "eng",
}, "value": "HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities."
{ }
"name" : "watchguard-soho-web-auth(5554)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5554" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2119", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/2119" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4404", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/4404" ]
} },
] "references": {
} "reference_data": [
} {
"name": "watchguard-soho-web-auth(5554)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5554"
},
{
"name": "4404",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4404"
},
{
"name": "20001214 Multiple vulnerabilities in the WatchGuard SOHO Firewall",
"refsource": "ISS",
"url": "http://xforce.iss.net/alerts/advise70.php"
},
{
"name": "2119",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2119"
}
]
}
}

170
2007/0xxx/CVE-2007-0135.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0135", "ID": "CVE-2007-0135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the current_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070108 Source verify of Aratix RFI", "description_data": [
"refsource" : "VIM", {
"url" : "http://www.attrition.org/pipermail/vim/2007-January/001219.html" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix 0.2.2 beta 11 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the current_path parameter."
{ }
"name" : "http://securityreason.com/exploitalert/1698", ]
"refsource" : "MISC", },
"url" : "http://securityreason.com/exploitalert/1698" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3079", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3079" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0054", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0054" ]
}, },
{ "references": {
"name" : "33405", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33405" "name": "20070108 Source verify of Aratix RFI",
}, "refsource": "VIM",
{ "url": "http://www.attrition.org/pipermail/vim/2007-January/001219.html"
"name" : "aratix-init-file-include(31282)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31282" "name": "33405",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33405"
} },
} {
"name": "aratix-init-file-include(31282)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31282"
},
{
"name": "http://securityreason.com/exploitalert/1698",
"refsource": "MISC",
"url": "http://securityreason.com/exploitalert/1698"
},
{
"name": "ADV-2007-0054",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0054"
},
{
"name": "3079",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3079"
}
]
}
}

160
2007/0xxx/CVE-2007-0790.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0790", "ID": "CVE-2007-0790",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3277", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3277" "lang": "eng",
}, "value": "Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner."
{ }
"name" : "22390", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22390" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33086", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33086" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24051", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/24051" ]
}, },
{ "references": {
"name" : "smartftp-banner-bo(32214)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32214" "name": "3277",
} "refsource": "EXPLOIT-DB",
] "url": "https://www.exploit-db.com/exploits/3277"
} },
} {
"name": "22390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22390"
},
{
"name": "24051",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24051"
},
{
"name": "33086",
"refsource": "OSVDB",
"url": "http://osvdb.org/33086"
},
{
"name": "smartftp-banner-bo(32214)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32214"
}
]
}
}

170
2007/1xxx/CVE-2007-1330.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1330", "ID": "CVE-2007-1330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\\SYSTEM\\Software\\Comodo\\Personal Firewall registry key by guessing the name of a named pipe under \\Device\\NamedPipe\\OLE and attempting to open it multiple times."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070301 Comodo Bypassing settings protection using magic pipe Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/461635/100/0/threaded" "lang": "eng",
}, "value": "Comodo Firewall Pro (CFP) (formerly Comodo Personal Firewall) 2.4.18.184 and earlier allows local users to bypass driver protections on the HKLM\\SYSTEM\\Software\\Comodo\\Personal Firewall registry key by guessing the name of a named pipe under \\Device\\NamedPipe\\OLE and attempting to open it multiple times."
{ }
"name" : "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php", ]
"refsource" : "MISC", },
"url" : "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22775", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22775" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34957", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34957" ]
}, },
{ "references": {
"name" : "2388", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2388" "name": "22775",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22775"
"name" : "comodofirewallpro-pipe-security-bypass(32771)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32771" "name": "comodofirewallpro-pipe-security-bypass(32771)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32771"
} },
} {
"name": "2388",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2388"
},
{
"name": "20070301 Comodo Bypassing settings protection using magic pipe Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/461635/100/0/threaded"
},
{
"name": "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Comodo-Bypassing-settings-protection-using-magic-pipe.php"
},
{
"name": "34957",
"refsource": "OSVDB",
"url": "http://osvdb.org/34957"
}
]
}
}

170
2007/1xxx/CVE-2007-1502.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1502", "ID": "CVE-2007-1502",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070317 Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/463092/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in Rhapsody IRC 0.28b allow remote attackers to execute arbitrary code via a (1) long command, (2) long server argument to the (a) connect or (b) server commands, (3) long nick argument to the (c) nick command, or a long (4) nick or (5) message argument to the (d) ctcp, (e) chat, (f) notice, (g) message (msg), or (h) query commands."
{ }
"name" : "23011", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/23011" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35002", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35002" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "35003", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/35003" ]
}, },
{ "references": {
"name" : "35004", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/35004" "name": "2447",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2447"
"name" : "2447", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2447" "name": "20070317 Rhapsody IRC 0.28b (NICK) Multiple fs and bof vulnerability",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/463092/100/0/threaded"
} },
} {
"name": "23011",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23011"
},
{
"name": "35004",
"refsource": "OSVDB",
"url": "http://osvdb.org/35004"
},
{
"name": "35003",
"refsource": "OSVDB",
"url": "http://osvdb.org/35003"
},
{
"name": "35002",
"refsource": "OSVDB",
"url": "http://osvdb.org/35002"
}
]
}
}

690
2007/1xxx/CVE-2007-1659.json
View File

@ -1,347 +1,347 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1659", "ID": "CVE-2007-1659",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched \"\\Q\\E\" sequences with orphan \"\\E\" codes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071106 rPSA-2007-0231-1 pcre", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/483357/100/0/threaded" "lang": "eng",
}, "value": "Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched \"\\Q\\E\" sequences with orphan \"\\E\" codes."
{ }
"name" : "20071112 FLEA-2007-0064-1 pcre", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/483579/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[gtk-devel-list] 20071107 GLib 2.14.3", "description": [
"refsource" : "MLIST", {
"url" : "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=198976", ]
"refsource" : "MISC", }
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=198976" ]
}, },
{ "references": {
"name" : "http://www.pcre.org/changelog.txt", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.pcre.org/changelog.txt" "name": "30219",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30219"
"name" : "https://issues.rpath.com/browse/RPL-1738", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1738" "name": "MDKSA-2007:212",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:212"
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm", },
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm" "name": "27965",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27965"
"name" : "http://docs.info.apple.com/article.html?artnum=307179", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307179" "name": "29267",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29267"
"name" : "http://docs.info.apple.com/article.html?artnum=307562", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307562" "name": "USN-547-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/547-1/"
"name" : "APPLE-SA-2007-12-17", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" "name": "GLSA-200711-30",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200711-30.xml"
"name" : "APPLE-SA-2008-03-18", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" "name": "ADV-2007-4238",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4238"
"name" : "DSA-1399", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1399" "name": "20071106 rPSA-2007-0231-1 pcre",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/483357/100/0/threaded"
"name" : "DSA-1570", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1570" "name": "TA07-352A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
"name" : "FEDORA-2008-1842", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html" "name": "27538",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27538"
"name" : "GLSA-200711-30", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200711-30.xml" "name": "20071112 FLEA-2007-0064-1 pcre",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/483579/100/0/threaded"
"name" : "GLSA-200801-02", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200801-02.xml" "name": "28136",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28136"
"name" : "GLSA-200801-18", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200801-18.xml" "name": "MDVSA-2008:030",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030"
"name" : "GLSA-200801-19", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200801-19.xml" "name": "DSA-1570",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2008/dsa-1570"
"name" : "GLSA-200805-11", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200805-11.xml" "name": "SUSE-SA:2008:004",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html"
"name" : "MDKSA-2007:211", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211" "name": "https://issues.rpath.com/browse/RPL-1738",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1738"
"name" : "MDKSA-2007:212", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:212" "name": "28658",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28658"
"name" : "MDVSA-2008:030", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:030" "name": "27773",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27773"
"name" : "RHSA-2007:0967", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0967.html" "name": "27697",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27697"
"name" : "RHSA-2007:1068", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1068.html" "name": "28406",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28406"
"name" : "SUSE-SA:2007:062", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_62_pcre.html" "name": "27554",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27554"
"name" : "SUSE-SR:2007:025", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_25_sr.html" "name": "ADV-2008-0924",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0924/references"
"name" : "SUSE-SA:2008:004", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00006.html" "name": "SUSE-SR:2007:025",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
"name" : "USN-547-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/547-1/" "name": "27547",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27547"
"name" : "TA07-352A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" "name": "27543",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27543"
"name" : "26346", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26346" "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm"
"name" : "oval:org.mitre.oval:def:9725", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9725" "name": "[gtk-devel-list] 20071107 GLib 2.14.3",
}, "refsource": "MLIST",
{ "url": "http://mail.gnome.org/archives/gtk-devel-list/2007-November/msg00022.html"
"name" : "ADV-2007-3725", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3725" "name": "29420",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29420"
"name" : "ADV-2007-3790", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3790" "name": "APPLE-SA-2007-12-17",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
"name" : "ADV-2007-4238", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4238" "name": "pcre-regex-code-execution(38272)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38272"
"name" : "ADV-2008-0924", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0924/references" "name": "RHSA-2007:1068",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-1068.html"
"name" : "1018895", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018895" "name": "GLSA-200805-11",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200805-11.xml"
"name" : "27598", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27598" "name": "APPLE-SA-2008-03-18",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
"name" : "27538", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27538" "name": "MDKSA-2007:211",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:211"
"name" : "27543", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27543" "name": "FEDORA-2008-1842",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00181.html"
"name" : "27547", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27547" "name": "28041",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28041"
"name" : "27554", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27554" "name": "http://docs.info.apple.com/article.html?artnum=307179",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=307179"
"name" : "27741", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27741" "name": "27741",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27741"
"name" : "27773", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27773" "name": "ADV-2007-3790",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3790"
"name" : "27697", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27697" "name": "1018895",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018895"
"name" : "28041", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28041" "name": "ADV-2007-3725",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3725"
"name" : "27965", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27965" "name": "SUSE-SA:2007:062",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_62_pcre.html"
"name" : "28136", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28136" "name": "http://www.pcre.org/changelog.txt",
}, "refsource": "CONFIRM",
{ "url": "http://www.pcre.org/changelog.txt"
"name" : "28406", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28406" "name": "http://docs.info.apple.com/article.html?artnum=307562",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=307562"
"name" : "28414", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28414" "name": "30155",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30155"
"name" : "28658", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28658" "name": "RHSA-2007:0967",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0967.html"
"name" : "28714", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28714" "name": "28720",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28720"
"name" : "28720", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28720" "name": "GLSA-200801-02",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200801-02.xml"
"name" : "29267", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29267" "name": "oval:org.mitre.oval:def:9725",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9725"
"name" : "29420", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29420" "name": "27598",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27598"
"name" : "30155", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30155" "name": "http://bugs.gentoo.org/show_bug.cgi?id=198976",
}, "refsource": "MISC",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=198976"
"name" : "30219", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30219" "name": "GLSA-200801-19",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200801-19.xml"
"name" : "30106", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30106" "name": "GLSA-200801-18",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200801-18.xml"
"name" : "pcre-regex-code-execution(38272)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38272" "name": "DSA-1399",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2007/dsa-1399"
} },
} {
"name": "28414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28414"
},
{
"name": "26346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26346"
},
{
"name": "30106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30106"
},
{
"name": "28714",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28714"
}
]
}
}

160
2007/1xxx/CVE-2007-1883.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1883", "ID": "CVE-2007-1883",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.php-security.org/MOPB/MOPB-37-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.php-security.org/MOPB/MOPB-37-2007.html" "lang": "eng",
}, "value": "PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to read arbitrary memory locations via an interruption that triggers a user space error handler that changes a parameter to an arbitrary pointer, as demonstrated via the iptcembed function, which calls certain convert_to_* functions with its input parameters."
{ }
"name" : "GLSA-200710-02", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24542", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24542" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "27102", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/27102" ]
}, },
{ "references": {
"name" : "php-userspace-information-disclosure(33750)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33750" "name": "24542",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24542"
} },
} {
"name": "GLSA-200710-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
},
{
"name": "http://www.php-security.org/MOPB/MOPB-37-2007.html",
"refsource": "MISC",
"url": "http://www.php-security.org/MOPB/MOPB-37-2007.html"
},
{
"name": "php-userspace-information-disclosure(33750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33750"
},
{
"name": "27102",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27102"
}
]
}
}

140
2007/5xxx/CVE-2007-5079.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-5079", "ID": "CVE-2007-5079",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=181302", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=181302" "lang": "eng",
}, "value": "Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions."
{ }
"name" : "RHSA-2010:0657", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0657.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "rhel-tcpwrapper-security-bypass(36791)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2010:0657",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0657.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=181302",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=181302"
},
{
"name": "rhel-tcpwrapper-security-bypass(36791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36791"
}
]
}
}

190
2007/5xxx/CVE-2007-5290.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5290", "ID": "CVE-2007-5290",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ASP before 3.4.64, WebMail Lite ASP before 4.0.11, and WebMail Lite PHP before 4.0.22; allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to login.php and the (2) mode2 parameter to default.asp in an advanced_login mode."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071005 Reporting Vulnerable Public Web mail", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=119161078031690&w=2" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in MailBee WebMail Pro 3.4 and earlier; and possibly MailBee WebMail Pro ASP before 3.4.64, WebMail Lite ASP before 4.0.11, and WebMail Lite PHP before 4.0.22; allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to login.php and the (2) mode2 parameter to default.asp in an advanced_login mode."
{ }
"name" : "25942", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25942" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3450", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3450" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37649", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37649" ]
}, },
{ "references": {
"name" : "37650", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37650" "name": "ADV-2007-3450",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3450"
"name" : "1018783", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018783" "name": "37649",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37649"
"name" : "27073", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27073" "name": "1018783",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018783"
"name" : "mailbee-login-default-xss(36979)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36979" "name": "37650",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/37650"
} },
} {
"name": "25942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25942"
},
{
"name": "20071005 Reporting Vulnerable Public Web mail",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=119161078031690&w=2"
},
{
"name": "27073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27073"
},
{
"name": "mailbee-login-default-xss(36979)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36979"
}
]
}
}

180
2007/5xxx/CVE-2007-5502.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-5502", "ID": "CVE-2007-5502",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.openssl.org/news/secadv_20071129.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.openssl.org/news/secadv_20071129.txt" "lang": "eng",
}, "value": "The PRNG implementation for the OpenSSL FIPS Object Module 1.1.1 does not perform auto-seeding during the FIPS self-test, which generates random data that is more predictable than expected and makes it easier for attackers to bypass protection mechanisms that rely on the randomness."
{ }
"name" : "VU#150249", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/150249" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26652", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26652" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-4044", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/4044" ]
}, },
{ "references": {
"name" : "1019029", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019029" "name": "ADV-2007-4044",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4044"
"name" : "27859", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27859" "name": "26652",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26652"
"name" : "openssl-fips-prng-security-bypass(38796)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38796" "name": "1019029",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1019029"
} },
} {
"name": "http://www.openssl.org/news/secadv_20071129.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20071129.txt"
},
{
"name": "27859",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27859"
},
{
"name": "openssl-fips-prng-security-bypass(38796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38796"
},
{
"name": "VU#150249",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/150249"
}
]
}
}

200
2007/5xxx/CVE-2007-5529.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5529", "ID": "CVE-2007-5529",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only installations of Oracle E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka APP08."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Self-Service Web Applications component in client-only installations of Oracle E-Business Suite 11.5.10.2 has unknown impact and remote attack vectors, aka APP08."
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT061201", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA07-290A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" ]
}, },
{ "references": {
"name" : "ADV-2007-3524", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3524" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name" : "ADV-2007-3626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3626" "name": "ADV-2007-3524",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3524"
"name" : "1018823", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018823" "name": "ADV-2007-3626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3626"
"name" : "27251", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27251" "name": "TA07-290A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name" : "27409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27409" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
} },
} {
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}
}

34
2007/5xxx/CVE-2007-5748.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5748", "ID": "CVE-2007-5748",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2007/5xxx/CVE-2007-5869.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5869", "ID": "CVE-2007-5869",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2015/3xxx/CVE-2015-3004.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3004", "ID": "CVE-2015-3004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675" "lang": "eng",
}, "value": "J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7, 13.2 before 13.2R6, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R5, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, and 14.2 before 14.2R1 allows remote attackers to conduct clickjacking attacks via an X-Frame-Options header."
{ }
"name" : "74017", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/74017" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1032090", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032090" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1032090",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032090"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10675"
},
{
"name": "74017",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74017"
}
]
}
}

34
2015/3xxx/CVE-2015-3425.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3425", "ID": "CVE-2015-3425",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2015/3xxx/CVE-2015-3930.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3930", "ID": "CVE-2015-3930",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2015/3xxx/CVE-2015-3986.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3986", "ID": "CVE-2015-3986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to hijack the authentication of administrators for requests that conduct directory traversal attacks via the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150429 Multiple Vulnerabilities in TheCartPress WordPress plugin", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/535396/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to hijack the authentication of administrators for requests that conduct directory traversal attacks via the tcp_box_path parameter in the checkout_editor_settings page to wp-admin/admin.php."
{ }
"name" : "36860", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/36860/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.htbridge.com/advisory/HTB23254", ]
"refsource" : "MISC", }
"url" : "https://www.htbridge.com/advisory/HTB23254" ]
}, },
{ "references": {
"name" : "https://wordpress.org/plugins/thecartpress/changelog/", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://wordpress.org/plugins/thecartpress/changelog/" "name": "https://www.htbridge.com/advisory/HTB23254",
}, "refsource": "MISC",
{ "url": "https://www.htbridge.com/advisory/HTB23254"
"name" : "74395", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74395" "name": "https://wordpress.org/plugins/thecartpress/changelog/",
} "refsource": "CONFIRM",
] "url": "https://wordpress.org/plugins/thecartpress/changelog/"
} },
} {
"name": "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131673/WordPress-TheCartPress-1.3.9-XSS-Local-File-Inclusion.html"
},
{
"name": "74395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74395"
},
{
"name": "36860",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/36860/"
},
{
"name": "20150429 Multiple Vulnerabilities in TheCartPress WordPress plugin",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535396/100/0/threaded"
}
]
}
}

160
2015/4xxx/CVE-2015-4354.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4354", "ID": "CVE-2015-4354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 and 7.x before 7.x-2.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "https://www.drupal.org/node/2437991", ]
"refsource" : "MISC", },
"url" : "https://www.drupal.org/node/2437991" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.drupal.org/node/2463199", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/node/2463199" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.drupal.org/node/2463207", ]
"refsource" : "CONFIRM", }
"url" : "https://www.drupal.org/node/2463207" ]
}, },
{ "references": {
"name" : "72812", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/72812" "name": "72812",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/72812"
} },
} {
"name": "https://www.drupal.org/node/2463199",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2463199"
},
{
"name": "https://www.drupal.org/node/2437991",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2437991"
},
{
"name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/04/25/6"
},
{
"name": "https://www.drupal.org/node/2463207",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2463207"
}
]
}
}

130
2015/4xxx/CVE-2015-4713.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4713", "ID": "CVE-2015-4713",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html" "lang": "eng",
}, "value": "SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php."
{ }
"name" : "75390", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/75390" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/132369/ApPHP-Hotel-Site-3.x.x-SQL-Injection.html"
},
{
"name": "75390",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75390"
}
]
}
}

34
2015/7xxx/CVE-2015-7131.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7131", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-7131",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

140
2015/7xxx/CVE-2015-7378.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7378", "ID": "CVE-2015-7378",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the \"Panda Security URL Filtering\" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "39670", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39670/" "lang": "eng",
}, "value": "Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the \"Panda Security URL Filtering\" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe."
{ }
"name" : "20160406 Panda Security 2016 Home User Products - Privilege Escalation", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2016/Apr/25" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html"
},
{
"name": "39670",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39670/"
},
{
"name": "20160406 Panda Security 2016 Home User Products - Privilege Escalation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/25"
}
]
}
}

120
2015/7xxx/CVE-2015-7467.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-7467", "ID": "CVE-2015-7467",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972485", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972485" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972485",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972485"
}
]
}
}

130
2015/7xxx/CVE-2015-7767.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7767", "ID": "CVE-2015-7767",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long USER command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "37908", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/37908/" "lang": "eng",
}, "value": "Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long USER command."
{ }
"name" : "38252", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/38252/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37908",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/37908/"
},
{
"name": "38252",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38252/"
}
]
}
}

34
2015/8xxx/CVE-2015-8183.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8183", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8183",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

200
2015/8xxx/CVE-2015-8362.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8362", "ID": "CVE-2015-8362",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/537343/100/0/threaded" "lang": "eng",
}, "value": "The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote attackers to obtain access via a (1) SSH or (2) HTTP session, a different vulnerability than CVE-2016-1984."
{ }
"name" : "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2016/Jan/63" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html", "description": [
"refsource" : "MISC", {
"url" : "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt", ]
"refsource" : "MISC", }
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt" ]
}, },
{ "references": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02", "reference_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02" "name": "VU#992624",
}, "refsource": "CERT-VN",
{ "url": "https://www.kb.cert.org/vuls/id/992624"
"name" : "http://www.amx.com/techcenter/NXSecurityBrief/", },
"refsource" : "CONFIRM", {
"url" : "http://www.amx.com/techcenter/NXSecurityBrief/" "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02",
}, "refsource": "MISC",
{ "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-049-02"
"name" : "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files", },
"refsource" : "CONFIRM", {
"url" : "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files" "name": "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2016/Jan/63"
"name" : "VU#992624", },
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/992624" "name": "20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/537343/100/0/threaded"
"name" : "81545", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/81545" "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt",
} "refsource": "MISC",
] "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160121-0_AMX_Deliberately_hidden_backdoor_account_v10.txt"
} },
} {
"name": "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files",
"refsource": "CONFIRM",
"url": "http://www.amx.com/techcenter/firmware.asp?Category=Hot%20Fix%20Files"
},
{
"name": "81545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81545"
},
{
"name": "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html",
"refsource": "MISC",
"url": "http://blog.sec-consult.com/2016/01/deliberately-hidden-backdoor-account-in.html"
},
{
"name": "http://www.amx.com/techcenter/NXSecurityBrief/",
"refsource": "CONFIRM",
"url": "http://www.amx.com/techcenter/NXSecurityBrief/"
}
]
}
}

210
2015/8xxx/CVE-2015-8419.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-8419", "ID": "CVE-2015-8419",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, and CVE-2015-8455."
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", ]
"refsource" : "CONFIRM", },
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", ]
"refsource" : "CONFIRM", }
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" ]
}, },
{ "references": {
"name" : "GLSA-201601-03", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201601-03" "name": "openSUSE-SU-2015:2239",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html"
"name" : "SUSE-SU-2015:2236", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
"name" : "SUSE-SU-2015:2247", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html",
}, "refsource": "CONFIRM",
{ "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html"
"name" : "openSUSE-SU-2015:2239", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" "name": "SUSE-SU-2015:2236",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html"
"name" : "78710", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/78710" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
"name" : "1034318", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034318" "name": "SUSE-SU-2015:2247",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html"
} },
} {
"name": "1034318",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034318"
},
{
"name": "GLSA-201601-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201601-03"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"name": "78710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78710"
}
]
}
}

140
2015/8xxx/CVE-2015-8890.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-8890", "ID": "CVE-2015-8890",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard (MMC), aka Android internal bug 28822878 and Qualcomm internal bug CR823461."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2016-07-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2016-07-01.html" "lang": "eng",
}, "value": "platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard (MMC), aka Android internal bug 28822878 and Qualcomm internal bug CR823461."
{ }
"name" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "91628", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91628" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=e22aca36da2bb6f5016f3c885eb8c8ff85c115e4"
},
{
"name": "91628",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91628"
},
{
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
}
]
}
}

150
2015/8xxx/CVE-2015-8974.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8974", "ID": "CVE-2015-8974",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8" "lang": "eng",
}, "value": "SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "94397", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94397" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/",
"refsource": "CONFIRM",
"url": "https://blog.mybb.com/2015/09/07/mybb-1-8-6-1-6-18-merge-system-1-8-6-release/"
},
{
"name": "94397",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94397"
},
{
"name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/18/1"
},
{
"name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/10/8"
}
]
}
}

140
2015/9xxx/CVE-2015-9024.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2015-9024", "ID": "CVE-2015-9024",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm products", "product_name": "All Qualcomm products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Access Control Vulnerability in TrustZone"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-06-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-06-01" "lang": "eng",
}, "value": "In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to QTEE applications."
{ }
"name" : "98874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038623", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038623" "lang": "eng",
} "value": "Improper Access Control Vulnerability in TrustZone"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-06-01"
},
{
"name": "98874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98874"
},
{
"name": "1038623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038623"
}
]
}
}

132
2015/9xxx/CVE-2015-9132.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9132", "ID": "CVE-2015-9132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile,Small Cell SoC", "product_name": "Snapdragon Mobile,Small Cell SoC",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 810" "version_value": "FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 810"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Untrusted pointer dereference may cause arbitrary reads in QSEE syscall helper module"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Untrusted pointer dereference may cause arbitrary reads in QSEE syscall helper module"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

140
2016/0xxx/CVE-2016-0731.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-0731", "ID": "CVE-2016-0731",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1" "lang": "eng",
}, "value": "The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration."
{ }
"name" : "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html", ]
"refsource" : "CONFIRM", },
"url" : "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://issues.apache.org/jira/browse/AMBARI-14780", "description": [
"refsource" : "CONFIRM", {
"url" : "https://issues.apache.org/jira/browse/AMBARI-14780" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://issues.apache.org/jira/browse/AMBARI-14780",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/AMBARI-14780"
},
{
"name": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html",
"refsource": "CONFIRM",
"url": "https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.1.0/bk_releasenotes_ambari_2.2.1.0/content/ambari_relnotes-2.2.1.0-cves.html"
},
{
"name": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1",
"refsource": "CONFIRM",
"url": "https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.2.1"
}
]
}
}

140
2016/1xxx/CVE-2016-1171.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1171", "ID": "CVE-2016-1171",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://hiniarata.jp/news/archives/55", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://hiniarata.jp/news/archives/55" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "JVN#13288761", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN13288761/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000040", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000040" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVN#13288761",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN13288761/index.html"
},
{
"name": "https://hiniarata.jp/news/archives/55",
"refsource": "CONFIRM",
"url": "https://hiniarata.jp/news/archives/55"
},
{
"name": "JVNDB-2016-000040",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000040"
}
]
}
}

140
2016/1xxx/CVE-2016-1384.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2016-1384", "ID": "CVE-2016-1384",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160419 Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios" "lang": "eng",
}, "value": "The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898."
{ }
"name" : "86685", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/86685" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035622", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035622" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "86685",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/86685"
},
{
"name": "1035622",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035622"
},
{
"name": "20160419 Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160419-ios"
}
]
}
}

160
2016/5xxx/CVE-2016-5187.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5187", "ID": "CVE-2016-5187",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome prior to 54.0.2840.85 for Android", "product_name": "Chrome prior to 54.0.2840.85 for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Chrome prior to 54.0.2840.85 for Android" "version_value": "Chrome prior to 54.0.2840.85 for Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "spoof the contents of the Omnibox (URL bar)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Google Chrome prior to 54.0.2840.85 for Android incorrectly handled rapid transition into and out of full screen mode, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages."
{ }
"name" : "https://crbug.com/639702", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/639702" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201610-09", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-09" "lang": "eng",
}, "value": "spoof the contents of the Omnibox (URL bar)"
{ }
"name" : "RHSA-2016:2067", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2067.html" ]
}, },
{ "references": {
"name" : "93528", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93528" "name": "https://crbug.com/639702",
} "refsource": "CONFIRM",
] "url": "https://crbug.com/639702"
} },
} {
"name": "93528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93528"
},
{
"name": "RHSA-2016:2067",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2067.html"
},
{
"name": "GLSA-201610-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-09"
},
{
"name": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html"
}
]
}
}

160
2016/5xxx/CVE-2016-5189.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5189", "ID": "CVE-2016-5189",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android", "product_name": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android" "version_value": "Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "spoof the contents of the Omnibox (URL bar)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android permitted navigation to blob URLs with non-canonical origins, which allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via crafted HTML pages."
{ }
"name" : "https://crbug.com/646278", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/646278" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201610-09", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-09" "lang": "eng",
}, "value": "spoof the contents of the Omnibox (URL bar)"
{ }
"name" : "RHSA-2016:2067", ]
"refsource" : "REDHAT", }
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2067.html" ]
}, },
{ "references": {
"name" : "93528", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93528" "name": "https://crbug.com/646278",
} "refsource": "CONFIRM",
] "url": "https://crbug.com/646278"
} },
} {
"name": "93528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93528"
},
{
"name": "RHSA-2016:2067",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2067.html"
},
{
"name": "GLSA-201610-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-09"
},
{
"name": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html"
}
]
}
}

600
2016/5xxx/CVE-2016-5195.json
View File

@ -1,302 +1,302 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5195", "ID": "CVE-2016-5195",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40839", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40839/" "lang": "eng",
}, "value": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\""
{ }
"name" : "40847", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/40847/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "40611", "description": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40611/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "40616", ]
"refsource" : "EXPLOIT-DB", }
"url" : "https://www.exploit-db.com/exploits/40616/" ]
}, },
{ "references": {
"name" : "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability", "reference_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/10/26/7" "name": "RHSA-2016:2107",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
"name" : "https://dirtycow.ninja", },
"refsource" : "MISC", {
"url" : "https://dirtycow.ninja" "name": "40616",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/40616/"
"name" : "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs", },
"refsource" : "MISC", {
"url" : "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs" "name": "RHSA-2017:0372",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:0372"
"name" : "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails", },
"refsource" : "MISC", {
"url" : "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails" "name": "https://bto.bluecoat.com/security-advisory/sa134",
}, "refsource": "CONFIRM",
{ "url": "https://bto.bluecoat.com/security-advisory/sa134"
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", },
"refsource" : "CONFIRM", {
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241"
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3", },
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"name" : "https://access.redhat.com/security/cve/cve-2016-5195", },
"refsource" : "CONFIRM", {
"url" : "https://access.redhat.com/security/cve/cve-2016-5195" "name": "40839",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/40839/"
"name" : "https://access.redhat.com/security/vulnerabilities/2706661", },
"refsource" : "CONFIRM", {
"url" : "https://access.redhat.com/security/vulnerabilities/2706661" "name": "https://dirtycow.ninja",
}, "refsource": "MISC",
{ "url": "https://dirtycow.ninja"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1384344", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1384344" "name": "40847",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/40847/"
"name" : "https://bugzilla.suse.com/show_bug.cgi?id=1004418", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.suse.com/show_bug.cgi?id=1004418" "name": "RHSA-2016:2118",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2118.html"
"name" : "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619" "name": "RHSA-2016:2128",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"
"name" : "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html", },
"refsource" : "CONFIRM", {
"url" : "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html" "name": "https://source.android.com/security/bulletin/2016-12-01.html",
}, "refsource": "CONFIRM",
{ "url": "https://source.android.com/security/bulletin/2016-12-01.html"
"name" : "https://security-tracker.debian.org/tracker/CVE-2016-5195", },
"refsource" : "CONFIRM", {
"url" : "https://security-tracker.debian.org/tracker/CVE-2016-5195" "name": "RHSA-2016:2120",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2120.html"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463" "name": "[oss-security] 20161026 Re: CVE-2016-5195 \"Dirty COW\" Linux kernel privilege escalation vulnerability",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/10/26/7"
"name" : "https://source.android.com/security/bulletin/2016-11-01.html", },
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-11-01.html" "name": "RHSA-2016:2133",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541" "name": "RHSA-2016:2098",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2098.html"
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241" "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us"
"name" : "https://bto.bluecoat.com/security-advisory/sa134", },
"refsource" : "CONFIRM", {
"url" : "https://bto.bluecoat.com/security-advisory/sa134" "name": "VU#243144",
}, "refsource": "CERT-VN",
{ "url": "https://www.kb.cert.org/vuls/id/243144"
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10176", },
"refsource" : "CONFIRM", {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10176" "name": "https://bugzilla.suse.com/show_bug.cgi?id=1004418",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.suse.com/show_bug.cgi?id=1004418"
"name" : "https://source.android.com/security/bulletin/2016-12-01.html", },
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2016-12-01.html" "name": "1037078",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037078"
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us" "name": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html",
}, "refsource": "CONFIRM",
{ "url": "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html"
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us" "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us"
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us" "name": "https://security.netapp.com/advisory/ntap-20161025-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20161025-0001/"
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us", },
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us" "name": "93793",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93793"
"name" : "http://securityadvisories.paloaltonetworks.com/Home/Detail/73", },
"refsource" : "CONFIRM", {
"url" : "http://securityadvisories.paloaltonetworks.com/Home/Detail/73" "name": "RHSA-2016:2127",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2127.html"
"name" : "https://security.netapp.com/advisory/ntap-20161025-0001/", },
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20161025-0001/" "name": "https://security-tracker.debian.org/tracker/CVE-2016-5195",
}, "refsource": "CONFIRM",
{ "url": "https://security-tracker.debian.org/tracker/CVE-2016-5195"
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "name": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs",
}, "refsource": "MISC",
{ "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs"
"name" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes", },
"refsource" : "CONFIRM", {
"url" : "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes" "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us"
"name" : "RHSA-2016:2098", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2098.html" "name": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
"name" : "RHSA-2016:2105", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2105.html" "name": "http://securityadvisories.paloaltonetworks.com/Home/Detail/73",
}, "refsource": "CONFIRM",
{ "url": "http://securityadvisories.paloaltonetworks.com/Home/Detail/73"
"name" : "RHSA-2016:2106", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2106.html" "name": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes",
}, "refsource": "CONFIRM",
{ "url": "https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"
"name" : "RHSA-2016:2107", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2107.html" "name": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails",
}, "refsource": "MISC",
{ "url": "https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails"
"name" : "RHSA-2016:2110", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2110.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384344"
"name" : "RHSA-2016:2118", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2118.html" "name": "https://access.redhat.com/security/vulnerabilities/2706661",
}, "refsource": "CONFIRM",
{ "url": "https://access.redhat.com/security/vulnerabilities/2706661"
"name" : "RHSA-2016:2120", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2120.html" "name": "RHSA-2016:2106",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2106.html"
"name" : "RHSA-2016:2124", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2124.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619"
"name" : "RHSA-2016:2126", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2126.html" "name": "40611",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/40611/"
"name" : "RHSA-2016:2127", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2127.html" "name": "https://access.redhat.com/security/cve/cve-2016-5195",
}, "refsource": "CONFIRM",
{ "url": "https://access.redhat.com/security/cve/cve-2016-5195"
"name" : "RHSA-2016:2128", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2128.html" "name": "https://source.android.com/security/bulletin/2016-11-01.html",
}, "refsource": "CONFIRM",
{ "url": "https://source.android.com/security/bulletin/2016-11-01.html"
"name" : "RHSA-2016:2132", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2132.html" "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541",
}, "refsource": "CONFIRM",
{ "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541"
"name" : "RHSA-2016:2133", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2133.html" "name": "RHSA-2016:2124",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2124.html"
"name" : "RHSA-2017:0372", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:0372" "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3",
}, "refsource": "CONFIRM",
{ "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3"
"name" : "VU#243144", },
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/243144" "name": "RHSA-2016:2105",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2105.html"
"name" : "93793", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93793" "name": "RHSA-2016:2126",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2126.html"
"name" : "1037078", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037078" "name": "RHSA-2016:2132",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2132.html"
} },
} {
"name": "RHSA-2016:2110",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10176"
}
]
}
}

300
2016/5xxx/CVE-2016-5440.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5440", "ID": "CVE-2016-5440",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote administrators to affect availability via vectors related to Server: RBR."
{ }
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/", ]
"refsource" : "CONFIRM", },
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/", ]
"refsource" : "CONFIRM", }
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/" ]
}, },
{ "references": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" "name": "USN-3040-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3040-1"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" "name": "RHSA-2016:1603",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1603.html"
"name" : "DSA-3624", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3624" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
"name" : "DSA-3632", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3632" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name" : "RHSA-2016:1601", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1601.html" "name": "DSA-3632",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3632"
"name" : "RHSA-2016:1602", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" "name": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/",
}, "refsource": "CONFIRM",
{ "url": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/"
"name" : "RHSA-2016:1603", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1603.html" "name": "RHSA-2016:1480",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
"name" : "RHSA-2016:1604", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1604.html" "name": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/",
}, "refsource": "CONFIRM",
{ "url": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/"
"name" : "RHSA-2016:1637", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1637.html" "name": "RHSA-2016:1601",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1601.html"
"name" : "RHSA-2016:1480", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168"
"name" : "openSUSE-SU-2016:2278", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html" "name": "1036362",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036362"
"name" : "USN-3040-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3040-1" "name": "openSUSE-SU-2016:2278",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html"
"name" : "91787", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91787" "name": "DSA-3624",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3624"
"name" : "91953", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91953" "name": "RHSA-2016:1637",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1637.html"
"name" : "1036362", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036362" "name": "91953",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/91953"
} },
} {
"name": "RHSA-2016:1602",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:1604",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1604.html"
}
]
}
}

250
2016/5xxx/CVE-2016-5444.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5444", "ID": "CVE-2016-5444",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Connection."
{ }
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/", ]
"refsource" : "CONFIRM", },
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/", ]
"refsource" : "CONFIRM", }
"url" : "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/" ]
}, },
{ "references": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" "name": "RHSA-2016:1481",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" "name": "RHSA-2016:1132",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1132"
"name" : "RHSA-2016:0705", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
"name" : "RHSA-2016:1602", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" "name": "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/",
}, "refsource": "CONFIRM",
{ "url": "https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/"
"name" : "RHSA-2016:1132", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1132" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
"name" : "RHSA-2016:1480", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" "name": "RHSA-2016:1480",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html"
"name" : "RHSA-2016:1481", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" "name": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/",
}, "refsource": "CONFIRM",
{ "url": "https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/"
"name" : "91787", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91787" "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168"
"name" : "91987", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91987" "name": "1036362",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036362"
"name" : "1036362", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036362" "name": "RHSA-2016:1602",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html"
} },
} {
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "RHSA-2016:0705",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html"
},
{
"name": "91987",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91987"
},
{
"name": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/"
}
]
}
}

140
2016/5xxx/CVE-2016-5589.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5589", "ID": "CVE-2016-5589",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors."
{ }
"name" : "93694", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93694" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037038", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037038" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "1037038",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037038"
},
{
"name": "93694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93694"
}
]
}
}

268
2018/2xxx/CVE-2018-2622.json
View File

@ -1,136 +1,136 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2622", "ID": "CVE-2018-2622",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.5.58 and prior" "version_value": "5.5.58 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.6.38 and prior" "version_value": "5.6.38 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.20 and prior" "version_value": "5.7.20 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)."
{ }
"name" : "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20180117-0002/", ]
"refsource" : "CONFIRM", }
"url" : "https://security.netapp.com/advisory/ntap-20180117-0002/" ]
}, },
{ "references": {
"name" : "DSA-4091", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4091" "name": "RHSA-2018:0587",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:0587"
"name" : "DSA-4341", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4341" "name": "DSA-4341",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2018/dsa-4341"
"name" : "RHSA-2018:0586", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0586" "name": "USN-3537-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3537-1/"
"name" : "RHSA-2018:0587", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:0587" "name": "[debian-lts-announce] 20180119 [SECURITY] [DLA 1250-1] mysql-5.5 security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00024.html"
"name" : "RHSA-2018:2439", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2439" "name": "RHSA-2018:0586",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:0586"
"name" : "RHSA-2018:2729", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2729" "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
"name" : "USN-3537-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3537-1/" "name": "RHSA-2018:2729",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2729"
"name" : "USN-3537-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3537-2/" "name": "[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/06/msg00015.html"
"name" : "102706", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/102706" "name": "DSA-4091",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2018/dsa-4091"
"name" : "1040216", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040216" "name": "102706",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/102706"
} },
} {
"name": "RHSA-2018:2439",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2439"
},
{
"name": "USN-3537-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3537-2/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0002/"
},
{
"name": "1040216",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040216"
}
]
}
}

142
2018/2xxx/CVE-2018-2721.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2721", "ID": "CVE-2018-2721",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Financial Services Price Creation and Discovery", "product_name": "Financial Services Price Creation and Discovery",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.5" "version_value": "8.0.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)."
{ }
"name" : "102668", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102668" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040214", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040214" "lang": "eng",
} "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Price Creation and Discovery. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Price Creation and Discovery accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Price Creation and Discovery accessible data."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040214",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040214"
},
{
"name": "102668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102668"
}
]
}
}

122
2019/0xxx/CVE-2019-0122.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"DATE_PUBLIC" : "2019-03-12T00:00:00", "DATE_PUBLIC": "2019-03-12T00:00:00",
"ID" : "CVE-2019-0122", "ID": "CVE-2019-0122",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel(R) Software Guard Extensions SDK", "product_name": "Intel(R) Software Guard Extensions SDK",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Multiple versions." "version_value": "Multiple versions."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel Corporation" "vendor_name": "Intel Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service, Information Disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html" "lang": "eng",
} "value": "Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service, Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html"
}
]
}
}

34
2019/0xxx/CVE-2019-0367.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0367", "ID": "CVE-2019-0367",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0903.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0903", "ID": "CVE-2019-0903",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0926.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0926", "ID": "CVE-2019-0926",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0965.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0965", "ID": "CVE-2019-0965",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1166.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1166", "ID": "CVE-2019-1166",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1210.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1210", "ID": "CVE-2019-1210",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1759.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1759", "ID": "CVE-2019-1759",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1802.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1802", "ID": "CVE-2019-1802",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4427.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4427", "ID": "CVE-2019-4427",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4537.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4537", "ID": "CVE-2019-4537",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4641.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4641", "ID": "CVE-2019-4641",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4643.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4643", "ID": "CVE-2019-4643",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5157.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5157", "ID": "CVE-2019-5157",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5180.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5180", "ID": "CVE-2019-5180",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/5xxx/CVE-2019-5311.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5311", "ID": "CVE-2019-5311",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/doublefast/yunucms/issues/5", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/doublefast/yunucms/issues/5" "lang": "eng",
} "value": "An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.php has an XSS vulnerability via the index.php/index/show/index cw parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/doublefast/yunucms/issues/5",
"refsource": "MISC",
"url": "https://github.com/doublefast/yunucms/issues/5"
}
]
}
}

34
2019/5xxx/CVE-2019-5722.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5722", "ID": "CVE-2019-5722",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9069.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9069", "ID": "CVE-2019-9069",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/9xxx/CVE-2019-9145.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9145", "ID": "CVE-2019-9145",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.cnblogs.com/7bit/articles/10389939.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.cnblogs.com/7bit/articles/10389939.html" "lang": "eng",
} "value": "An issue was discovered in Hsycms V1.1. There is an XSS vulnerability via the name field to the /book page."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cnblogs.com/7bit/articles/10389939.html",
"refsource": "MISC",
"url": "https://www.cnblogs.com/7bit/articles/10389939.html"
}
]
}
}

34
2019/9xxx/CVE-2019-9525.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9525", "ID": "CVE-2019-9525",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }