admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:02:33 +00:00
parent e6d40c447e
commit 87ff3f7630
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3627 additions and 3627 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
2007/0xxx/CVE-2007-0632.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0632", "ID": "CVE-2007-0632",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via a username cookie, a different vector than CVE-2007-0560." "value": "SQL injection vulnerability in artreplydelete.asp in ASP EDGE 1.3a and earlier allows remote attackers to execute arbitrary SQL commands via a username cookie, a different vector than CVE-2007-0560."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "ADV-2007-0341", "name": "36634",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2007/0341" "url": "http://osvdb.org/36634"
}, },
{ {
"name" : "36634", "name": "ADV-2007-0341",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/36634" "url": "http://www.vupen.com/english/advisories/2007/0341"
} }
] ]
} }

74
2007/3xxx/CVE-2007-3161.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3161", "ID": "CVE-2007-3161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response." "value": "Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "4058", "name": "4058",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/4058" "url": "https://www.exploit-db.com/exploits/4058"
}, },
{ {
"name" : "24403", "name": "aceftp-server-bo(34795)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/24403" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34795"
}, },
{ {
"name" : "aceftp-server-bo(34795)", "name": "24403",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34795" "url": "http://www.securityfocus.com/bid/24403"
} }
] ]
} }

68
2007/3xxx/CVE-2007-3983.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3983", "ID": "CVE-2007-3983",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Absolute path traversal vulnerability in the Data Dynamics DDActiveReports2.ActiveReport.2 (ActiveReports) ActiveX control in arpro2.dll in ActiveReports 2.0 Professional Edition 2.5.0.1308 (SP5 RC) allows remote attackers to create or overwrite arbitrary files via a full pathname in an argument to the SaveLayout method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." "value": "Absolute path traversal vulnerability in the Data Dynamics DDActiveReports2.ActiveReport.2 (ActiveReports) ActiveX control in arpro2.dll in ActiveReports 2.0 Professional Edition 2.5.0.1308 (SP5 RC) allows remote attackers to create or overwrite arbitrary files via a full pathname in an argument to the SaveLayout method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "26112", "name": "activereports-arpro2-file-overwrite(36056)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/26112" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36056"
}, },
{ {
"name" : "activereports-arpro2-file-overwrite(36056)", "name": "26112",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36056" "url": "http://secunia.com/advisories/26112"
} }
] ]
} }

128
2007/4xxx/CVE-2007-4642.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4642", "ID": "CVE-2007-4642",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\\0' character." "value": "Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\\0' character."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1", "name": "3084",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/478077/100/0/threaded" "url": "http://securityreason.com/securityalert/3084"
}, },
{ {
"name" : "http://aluigi.altervista.org/adv/dumsdei-adv.txt", "name": "28821",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://aluigi.altervista.org/adv/dumsdei-adv.txt" "url": "http://secunia.com/advisories/28821"
}, },
{ {
"name" : "http://aluigi.org/poc/dumsdei.zip", "name": "doomsday-dnetplayerevent-bo(36332)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://aluigi.org/poc/dumsdei.zip" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332"
}, },
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=190835", "name": "http://aluigi.altervista.org/adv/dumsdei-adv.txt",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=190835" "url": "http://aluigi.altervista.org/adv/dumsdei-adv.txt"
}, },
{ {
"name" : "GLSA-200802-02", "name": "http://bugs.gentoo.org/show_bug.cgi?id=190835",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-200802-02.xml" "url": "http://bugs.gentoo.org/show_bug.cgi?id=190835"
}, },
{ {
"name" : "25483", "name": "26524",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/25483" "url": "http://secunia.com/advisories/26524"
}, },
{ {
"name" : "26524", "name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/26524" "url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded"
}, },
{ {
"name" : "28821", "name": "doomsday-msgwrite-bo(36333)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/28821" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333"
}, },
{ {
"name" : "3084", "name": "25483",
"refsource" : "SREASON", "refsource": "BID",
"url" : "http://securityreason.com/securityalert/3084" "url": "http://www.securityfocus.com/bid/25483"
}, },
{ {
"name" : "doomsday-dnetplayerevent-bo(36332)", "name": "GLSA-200802-02",
"refsource" : "XF", "refsource": "GENTOO",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36332" "url": "http://security.gentoo.org/glsa/glsa-200802-02.xml"
}, },
{ {
"name" : "doomsday-msgwrite-bo(36333)", "name": "doomsday-netsvreadcommands-bo(36334)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36333" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334"
}, },
{ {
"name" : "doomsday-netsvreadcommands-bo(36334)", "name": "http://aluigi.org/poc/dumsdei.zip",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36334" "url": "http://aluigi.org/poc/dumsdei.zip"
} }
] ]
} }

224
2007/4xxx/CVE-2007-4850.json
View File

@ -1,196 +1,196 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4850", "ID": "CVE-2007-4850",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \\x00 sequence, a different vulnerability than CVE-2006-2563." "value": "curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \\x00 sequence, a different vulnerability than CVE-2006-2563."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20080122 PHP 5.2.5 cURL safe_mode bypass", "name": "ADV-2008-1412",
"refsource" : "SREASONRES", "refsource": "VUPEN",
"url" : "http://securityreason.com/achievement_securityalert/51" "url": "http://www.vupen.com/english/advisories/2008/1412"
}, },
{ {
"name" : "20080122 PHP 5.2.5 cURL safe_mode bypass", "name": "APPLE-SA-2008-07-31",
"refsource" : "BUGTRAQ", "refsource": "APPLE",
"url" : "http://www.securityfocus.com/archive/1/486856/100/0/threaded" "url": "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html"
}, },
{ {
"name" : "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql", "name": "31681",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/492671/100/0/threaded" "url": "http://www.securityfocus.com/bid/31681"
}, },
{ {
"name" : "20080122 PHP 5.2.5 cURL safe_mode bypass", "name": "29009",
"refsource" : "FULLDISC", "refsource": "BID",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059849.html" "url": "http://www.securityfocus.com/bid/29009"
}, },
{ {
"name" : "[oss-security] 20080502 CVE Request (PHP)", "name": "27413",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2008/05/02/2" "url": "http://www.securityfocus.com/bid/27413"
}, },
{ {
"name" : "http://cvs.php.net/viewcvs.cgi/php-src/NEWS?revision=1.2027.2.547.2.1047&view=markup", "name": "ADV-2008-2268",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://cvs.php.net/viewcvs.cgi/php-src/NEWS?revision=1.2027.2.547.2.1047&view=markup" "url": "http://www.vupen.com/english/advisories/2008/2268"
}, },
{ {
"name" : "http://www.php.net/ChangeLog-5.php", "name": "USN-628-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "http://www.php.net/ChangeLog-5.php" "url": "http://www.ubuntu.com/usn/usn-628-1"
}, },
{ {
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178", "name": "20080122 PHP 5.2.5 cURL safe_mode bypass",
"refsource" : "CONFIRM", "refsource": "BUGTRAQ",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178" "url": "http://www.securityfocus.com/archive/1/486856/100/0/threaded"
}, },
{ {
"name" : "http://support.apple.com/kb/HT3216", "name": "20080122 PHP 5.2.5 cURL safe_mode bypass",
"refsource" : "CONFIRM", "refsource": "SREASONRES",
"url" : "http://support.apple.com/kb/HT3216" "url": "http://securityreason.com/achievement_securityalert/51"
}, },
{ {
"name" : "APPLE-SA-2008-07-31", "name": "[oss-security] 20080502 CVE Request (PHP)",
"refsource" : "APPLE", "refsource": "MLIST",
"url" : "http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html" "url": "http://www.openwall.com/lists/oss-security/2008/05/02/2"
}, },
{ {
"name" : "APPLE-SA-2008-10-09", "name": "20080527 rPSA-2008-0178-1 php php-mysql php-pgsql",
"refsource" : "APPLE", "refsource": "BUGTRAQ",
"url" : "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" "url": "http://www.securityfocus.com/archive/1/492671/100/0/threaded"
}, },
{ {
"name" : "MDVSA-2009:022", "name": "30411",
"refsource" : "MANDRIVA", "refsource": "SECUNIA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022" "url": "http://secunia.com/advisories/30411"
}, },
{ {
"name" : "MDVSA-2009:023", "name": "http://www.php.net/ChangeLog-5.php",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023" "url": "http://www.php.net/ChangeLog-5.php"
}, },
{ {
"name" : "USN-628-1", "name": "MDVSA-2009:023",
"refsource" : "UBUNTU", "refsource": "MANDRIVA",
"url" : "http://www.ubuntu.com/usn/usn-628-1" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:023"
}, },
{ {
"name" : "27413", "name": "MDVSA-2009:022",
"refsource" : "BID", "refsource": "MANDRIVA",
"url" : "http://www.securityfocus.com/bid/27413" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:022"
}, },
{ {
"name" : "29009", "name": "31200",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/29009" "url": "http://secunia.com/advisories/31200"
}, },
{ {
"name" : "31681", "name": "32222",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/31681" "url": "http://secunia.com/advisories/32222"
}, },
{ {
"name" : "ADV-2008-1412", "name": "20080122 PHP 5.2.5 cURL safe_mode bypass",
"refsource" : "VUPEN", "refsource": "FULLDISC",
"url" : "http://www.vupen.com/english/advisories/2008/1412" "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059849.html"
}, },
{ {
"name" : "ADV-2008-2268", "name": "3562",
"refsource" : "VUPEN", "refsource": "SREASON",
"url" : "http://www.vupen.com/english/advisories/2008/2268" "url": "http://securityreason.com/securityalert/3562"
}, },
{ {
"name" : "ADV-2008-2780", "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2008/2780" "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0178"
}, },
{ {
"name" : "30048", "name": "31326",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/30048" "url": "http://secunia.com/advisories/31326"
}, },
{ {
"name" : "30411", "name": "ADV-2008-2780",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/30411" "url": "http://www.vupen.com/english/advisories/2008/2780"
}, },
{ {
"name" : "31200", "name": "php-safemode-directive-security-bypass(42134)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/31200" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42134"
}, },
{ {
"name" : "31326", "name": "php-curlinit-security-bypass(39852)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/31326" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39852"
}, },
{ {
"name" : "32222", "name": "APPLE-SA-2008-10-09",
"refsource" : "SECUNIA", "refsource": "APPLE",
"url" : "http://secunia.com/advisories/32222" "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
}, },
{ {
"name" : "3562", "name": "http://support.apple.com/kb/HT3216",
"refsource" : "SREASON", "refsource": "CONFIRM",
"url" : "http://securityreason.com/securityalert/3562" "url": "http://support.apple.com/kb/HT3216"
}, },
{ {
"name" : "php-curlinit-security-bypass(39852)", "name": "http://cvs.php.net/viewcvs.cgi/php-src/NEWS?revision=1.2027.2.547.2.1047&view=markup",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39852" "url": "http://cvs.php.net/viewcvs.cgi/php-src/NEWS?revision=1.2027.2.547.2.1047&view=markup"
}, },
{ {
"name" : "php-safemode-directive-security-bypass(42134)", "name": "30048",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42134" "url": "http://secunia.com/advisories/30048"
} }
] ]
} }

92
2007/6xxx/CVE-2007-6144.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6144", "ID": "CVE-2007-6144",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information." "value": "Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlayerUrl property value. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.nohack.cn/hacknews/20071119/1916.html", "name": "http://www.nohack.cn/hacknews/20071119/1916.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.nohack.cn/hacknews/20071119/1916.html" "url": "http://www.nohack.cn/hacknews/20071119/1916.html"
}, },
{ {
"name" : "http://www.sebug.net/exploit/2575", "name": "ADV-2007-3982",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://www.sebug.net/exploit/2575" "url": "http://www.vupen.com/english/advisories/2007/3982"
}, },
{ {
"name" : "26536", "name": "39680",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/26536" "url": "http://osvdb.org/39680"
}, },
{ {
"name" : "ADV-2007-3982", "name": "26536",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2007/3982" "url": "http://www.securityfocus.com/bid/26536"
}, },
{ {
"name" : "39680", "name": "http://www.sebug.net/exploit/2575",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://osvdb.org/39680" "url": "http://www.sebug.net/exploit/2575"
}, },
{ {
"name" : "27795", "name": "27795",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/27795" "url": "http://secunia.com/advisories/27795"
} }
] ]
} }

68
2007/6xxx/CVE-2007-6463.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6463", "ID": "CVE-2007-6463",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in PHP Real Estate Classifieds allow remote attackers to inject arbitrary web script or HTML via unspecified \"text areas/boxes.\"" "value": "Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in PHP Real Estate Classifieds allow remote attackers to inject arbitrary web script or HTML via unspecified \"text areas/boxes.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://phprealestatescript.com/PHPREC-121707-646PM-PATCH.zip", "name": "http://phprealestatescript.com/PHPREC-121707-646PM-PATCH.zip",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://phprealestatescript.com/PHPREC-121707-646PM-PATCH.zip" "url": "http://phprealestatescript.com/PHPREC-121707-646PM-PATCH.zip"
}, },
{ {
"name" : "43708", "name": "43708",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/43708" "url": "http://osvdb.org/43708"
} }
] ]
} }

80
2007/6xxx/CVE-2007-6513.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6513", "ID": "CVE-2007-6513",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method." "value": "HP eSupportDiagnostics ActiveX control (hpediag.dll) 1.0.11.0 exports dangerous methods, which allows remote attackers to (1) read arbitrary files via the ReadTextFile method, or (2) read arbitrary registry values via the ReadValue method."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20071219 HP eSupportDiagnostics hpediags.dll Information Disclosure", "name": "20071219 HP eSupportDiagnostics hpediags.dll Information Disclosure",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-12/0470.html"
}, },
{ {
"name" : "http://www.heise-security.co.uk/news/100934", "name": "26967",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.heise-security.co.uk/news/100934" "url": "http://www.securityfocus.com/bid/26967"
}, },
{ {
"name" : "26967", "name": "http://www.heise-security.co.uk/news/100934",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/26967" "url": "http://www.heise-security.co.uk/news/100934"
}, },
{ {
"name" : "hp-esupportdiagnostics-info-disclosure(39156)", "name": "hp-esupportdiagnostics-info-disclosure(39156)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39156" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39156"
} }
] ]
} }

128
2007/6xxx/CVE-2007-6520.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6520", "ID": "CVE-2007-6520",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins." "value": "Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=202770", "name": "http://www.opera.com/docs/changelogs/windows/925/",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=202770" "url": "http://www.opera.com/docs/changelogs/windows/925/"
}, },
{ {
"name" : "http://www.opera.com/docs/changelogs/linux/925/", "name": "http://bugs.gentoo.org/show_bug.cgi?id=202770",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://www.opera.com/docs/changelogs/linux/925/" "url": "http://bugs.gentoo.org/show_bug.cgi?id=202770"
}, },
{ {
"name" : "http://www.opera.com/docs/changelogs/windows/925/", "name": "http://www.opera.com/docs/changelogs/linux/925/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.opera.com/docs/changelogs/windows/925/" "url": "http://www.opera.com/docs/changelogs/linux/925/"
}, },
{ {
"name" : "GLSA-200712-22", "name": "1019131",
"refsource" : "GENTOO", "refsource": "SECTRACK",
"url" : "http://security.gentoo.org/glsa/glsa-200712-22.xml" "url": "http://www.securitytracker.com/id?1019131"
}, },
{ {
"name" : "SUSE-SA:2008:001", "name": "28314",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00001.html" "url": "http://secunia.com/advisories/28314"
}, },
{ {
"name" : "26937", "name": "26937",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/26937" "url": "http://www.securityfocus.com/bid/26937"
}, },
{ {
"name" : "ADV-2007-4261", "name": "opera-plugins-security-bypass(39147)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2007/4261" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39147"
}, },
{ {
"name" : "1019131", "name": "SUSE-SA:2008:001",
"refsource" : "SECTRACK", "refsource": "SUSE",
"url" : "http://www.securitytracker.com/id?1019131" "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00001.html"
}, },
{ {
"name" : "28169", "name": "GLSA-200712-22",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/28169" "url": "http://security.gentoo.org/glsa/glsa-200712-22.xml"
}, },
{ {
"name" : "28290", "name": "ADV-2007-4261",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/28290" "url": "http://www.vupen.com/english/advisories/2007/4261"
}, },
{ {
"name" : "28314", "name": "28169",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/28314" "url": "http://secunia.com/advisories/28169"
}, },
{ {
"name" : "opera-plugins-security-bypass(39147)", "name": "28290",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39147" "url": "http://secunia.com/advisories/28290"
} }
] ]
} }

110
2010/5xxx/CVE-2010-5103.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-5103", "ID": "CVE-2010-5103",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors." "value": "SQL injection vulnerability in the list module in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20110113 CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3", "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2011/01/13/2" "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/"
}, },
{ {
"name" : "[oss-security] 20120510 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE", "name": "45470",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/11/3" "url": "http://www.securityfocus.com/bid/45470"
}, },
{ {
"name" : "[oss-security] 20120511 CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE", "name": "35770",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/10/7" "url": "http://secunia.com/advisories/35770"
}, },
{ {
"name" : "[oss-security] 20120512 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE", "name": "[oss-security] 20120512 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/05/12/5" "url": "http://www.openwall.com/lists/oss-security/2012/05/12/5"
}, },
{ {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/", "name": "[oss-security] 20110113 CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-sa-2010-022/" "url": "http://www.openwall.com/lists/oss-security/2011/01/13/2"
}, },
{ {
"name" : "45470", "name": "[oss-security] 20120510 Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/45470" "url": "http://www.openwall.com/lists/oss-security/2012/05/11/3"
}, },
{ {
"name" : "70117", "name": "typo3-listmodule-sql-injection(64184)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/70117" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64184"
}, },
{ {
"name" : "35770", "name": "70117",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/35770" "url": "http://www.osvdb.org/70117"
}, },
{ {
"name" : "typo3-listmodule-sql-injection(64184)", "name": "[oss-security] 20120511 CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE",
"refsource" : "XF", "refsource": "MLIST",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64184" "url": "http://www.openwall.com/lists/oss-security/2012/05/10/7"
} }
] ]
} }

68
2010/5xxx/CVE-2010-5219.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-5219", "ID": "CVE-2010-5219",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .html, or .mpg file. NOTE: some of these details are obtained from third party information." "value": "Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .html, or .mpg file. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.org/1010-exploits/smartftp4-dllhijack.txt", "name": "41808",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://packetstormsecurity.org/1010-exploits/smartftp4-dllhijack.txt" "url": "http://secunia.com/advisories/41808"
}, },
{ {
"name" : "41808", "name": "http://packetstormsecurity.org/1010-exploits/smartftp4-dllhijack.txt",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/41808" "url": "http://packetstormsecurity.org/1010-exploits/smartftp4-dllhijack.txt"
} }
] ]
} }

80
2014/0xxx/CVE-2014-0036.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0036", "ID": "CVE-2014-0036",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors." "value": "The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140306 CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client", "name": "FEDORA-2014-3573",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://seclists.org/oss-sec/2014/q1/509" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1058595", "name": "FEDORA-2014-3526",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1058595" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html"
}, },
{ {
"name" : "FEDORA-2014-3526", "name": "[oss-security] 20140306 CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html" "url": "http://seclists.org/oss-sec/2014/q1/509"
}, },
{ {
"name" : "FEDORA-2014-3573", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1058595",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058595"
} }
] ]
} }

164
2014/1xxx/CVE-2014-1557.json
View File

@ -1,146 +1,146 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2014-1557", "ID": "CVE-2014-1557",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image." "value": "The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html", "name": "59719",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html" "url": "http://secunia.com/advisories/59719"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=913805", "name": "60083",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=913805" "url": "http://secunia.com/advisories/60083"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "60621",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" "url": "http://secunia.com/advisories/60621"
}, },
{ {
"name" : "http://linux.oracle.com/errata/ELSA-2014-0918.html", "name": "68824",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://linux.oracle.com/errata/ELSA-2014-0918.html" "url": "http://www.securityfocus.com/bid/68824"
}, },
{ {
"name" : "DSA-2986", "name": "GLSA-201504-01",
"refsource" : "DEBIAN", "refsource": "GENTOO",
"url" : "http://www.debian.org/security/2014/dsa-2986" "url": "https://security.gentoo.org/glsa/201504-01"
}, },
{ {
"name" : "DSA-2996", "name": "60306",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2014/dsa-2996" "url": "http://secunia.com/advisories/60306"
}, },
{ {
"name" : "GLSA-201504-01", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201504-01" "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
}, },
{ {
"name" : "68824", "name": "http://linux.oracle.com/errata/ELSA-2014-0918.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/68824" "url": "http://linux.oracle.com/errata/ELSA-2014-0918.html"
}, },
{ {
"name" : "1030619", "name": "1030620",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030619" "url": "http://www.securitytracker.com/id/1030620"
}, },
{ {
"name" : "1030620", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=913805",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1030620" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=913805"
}, },
{ {
"name" : "59591", "name": "DSA-2996",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/59591" "url": "http://www.debian.org/security/2014/dsa-2996"
}, },
{ {
"name" : "59719", "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/59719" "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-64.html"
}, },
{ {
"name" : "59760", "name": "1030619",
"refsource" : "SECUNIA", "refsource": "SECTRACK",
"url" : "http://secunia.com/advisories/59760" "url": "http://www.securitytracker.com/id/1030619"
}, },
{ {
"name" : "60306", "name": "60486",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/60306" "url": "http://secunia.com/advisories/60486"
}, },
{ {
"name" : "60486", "name": "60628",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/60486" "url": "http://secunia.com/advisories/60628"
}, },
{ {
"name" : "60621", "name": "DSA-2986",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/60621" "url": "http://www.debian.org/security/2014/dsa-2986"
}, },
{ {
"name" : "60628", "name": "59760",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/60628" "url": "http://secunia.com/advisories/59760"
}, },
{ {
"name" : "60083", "name": "59591",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/60083" "url": "http://secunia.com/advisories/59591"
} }
] ]
} }

86
2014/1xxx/CVE-2014-1640.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1640", "ID": "CVE-2014-1640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename." "value": "axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows local users to overwrite arbitrary files via a symlink attack on the new filename."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140122 Getting tempfile/mktemp wrong", "name": "[oss-security] 20140122 Re: Getting tempfile/mktemp wrong",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2014/01/22/3" "url": "http://www.openwall.com/lists/oss-security/2014/01/22/4"
}, },
{ {
"name" : "[oss-security] 20140122 Re: Getting tempfile/mktemp wrong", "name": "102383",
"refsource" : "MLIST", "refsource": "OSVDB",
"url" : "http://www.openwall.com/lists/oss-security/2014/01/22/4" "url": "http://www.osvdb.org/102383"
}, },
{ {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736358", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736358",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736358" "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736358"
}, },
{ {
"name" : "102383", "name": "axiom-cve20141640-symlink(90663)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/102383" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90663"
}, },
{ {
"name" : "axiom-cve20141640-symlink(90663)", "name": "[oss-security] 20140122 Getting tempfile/mktemp wrong",
"refsource" : "XF", "refsource": "MLIST",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90663" "url": "http://www.openwall.com/lists/oss-security/2014/01/22/3"
} }
] ]
} }

68
2014/1xxx/CVE-2014-1840.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1840", "ID": "CVE-2014-1840",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a do_search action, which is not properly handled in a forced SQL error message." "value": "Cross-site scripting (XSS) vulnerability in Upload/search.php in MyBB 1.6.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter in a do_search action, which is not properly handled in a forced SQL error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://osandamalith.wordpress.com/2014/02/02/mybb-1-6-12-post-xss-0day/", "name": "http://packetstormsecurity.com/files/125038/MyBB-1.6.12-POST-Cross-Site-Scripting.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://osandamalith.wordpress.com/2014/02/02/mybb-1-6-12-post-xss-0day/" "url": "http://packetstormsecurity.com/files/125038/MyBB-1.6.12-POST-Cross-Site-Scripting.html"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/125038/MyBB-1.6.12-POST-Cross-Site-Scripting.html", "name": "http://osandamalith.wordpress.com/2014/02/02/mybb-1-6-12-post-xss-0day/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/125038/MyBB-1.6.12-POST-Cross-Site-Scripting.html" "url": "http://osandamalith.wordpress.com/2014/02/02/mybb-1-6-12-post-xss-0day/"
} }
] ]
} }

86
2014/5xxx/CVE-2014-5024.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5024", "ID": "CVE-2014-5024",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter." "value": "Cross-site scripting (XSS) vulnerability in sgms/panelManager in Dell SonicWALL GMS, Analyzer, and UMA before 7.2 SP1 allows remote attackers to inject arbitrary web script or HTML via the node_id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20140722 Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024)", "name": "68829",
"refsource" : "FULLDISC", "refsource": "BID",
"url" : "http://seclists.org/fulldisclosure/2014/Jul/125" "url": "http://www.securityfocus.com/bid/68829"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html", "name": "https://support.software.dell.com/product-notification/128245",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html" "url": "https://support.software.dell.com/product-notification/128245"
}, },
{ {
"name" : "https://support.software.dell.com/product-notification/128245", "name": "20140722 Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024)",
"refsource" : "CONFIRM", "refsource": "FULLDISC",
"url" : "https://support.software.dell.com/product-notification/128245" "url": "http://seclists.org/fulldisclosure/2014/Jul/125"
}, },
{ {
"name" : "68829", "name": "60287",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/68829" "url": "http://secunia.com/advisories/60287"
}, },
{ {
"name" : "60287", "name": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/60287" "url": "http://packetstormsecurity.com/files/127575/SonicWALL-GMS-7.2-Build-7221.1701-Cross-Site-Scripting.html"
} }
] ]
} }

62
2014/5xxx/CVE-2014-5400.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-5400", "ID": "CVE-2014-5400",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file." "value": "The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-03"
} }
] ]
} }

22
2014/5xxx/CVE-2014-5469.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5469", "ID": "CVE-2014-5469",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2015/2xxx/CVE-2015-2161.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2161", "ID": "CVE-2015-2161",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

128
2015/2xxx/CVE-2015-2191.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2191", "ID": "CVE-2015-2191",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet." "value": "Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-10.html", "name": "openSUSE-SU-2015:0489",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-10.html" "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html"
}, },
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023", "name": "72941",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023" "url": "http://www.securityfocus.com/bid/72941"
}, },
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=608cf324b3962877e9699f3e81e8f82ac9f1ea14", "name": "http://www.wireshark.org/security/wnpa-sec-2015-10.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=608cf324b3962877e9699f3e81e8f82ac9f1ea14" "url": "http://www.wireshark.org/security/wnpa-sec-2015-10.html"
}, },
{ {
"name" : "http://advisories.mageia.org/MGASA-2015-0117.html", "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=608cf324b3962877e9699f3e81e8f82ac9f1ea14",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://advisories.mageia.org/MGASA-2015-0117.html" "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=608cf324b3962877e9699f3e81e8f82ac9f1ea14"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "name": "http://advisories.mageia.org/MGASA-2015-0117.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "url": "http://advisories.mageia.org/MGASA-2015-0117.html"
}, },
{ {
"name" : "DSA-3210", "name": "1031858",
"refsource" : "DEBIAN", "refsource": "SECTRACK",
"url" : "http://www.debian.org/security/2015/dsa-3210" "url": "http://www.securitytracker.com/id/1031858"
}, },
{ {
"name" : "GLSA-201510-03", "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201510-03" "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023"
}, },
{ {
"name" : "MDVSA-2015:183", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:183" "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
}, },
{ {
"name" : "RHSA-2015:1460", "name": "MDVSA-2015:183",
"refsource" : "REDHAT", "refsource": "MANDRIVA",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1460.html" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:183"
}, },
{ {
"name" : "openSUSE-SU-2015:0489", "name": "DSA-3210",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html" "url": "http://www.debian.org/security/2015/dsa-3210"
}, },
{ {
"name" : "72941", "name": "RHSA-2015:1460",
"refsource" : "BID", "refsource": "REDHAT",
"url" : "http://www.securityfocus.com/bid/72941" "url": "http://rhn.redhat.com/errata/RHSA-2015-1460.html"
}, },
{ {
"name" : "1031858", "name": "GLSA-201510-03",
"refsource" : "SECTRACK", "refsource": "GENTOO",
"url" : "http://www.securitytracker.com/id/1031858" "url": "https://security.gentoo.org/glsa/201510-03"
} }
] ]
} }

98
2015/2xxx/CVE-2015-2292.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2292", "ID": "CVE-2015-2292",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page to wp-admin/admin.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands." "value": "Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page to wp-admin/admin.php. NOTE: this can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "36413", "name": "https://wpvulndb.com/vulnerabilities/7841",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "https://www.exploit-db.com/exploits/36413/" "url": "https://wpvulndb.com/vulnerabilities/7841"
}, },
{ {
"name" : "20150312 WordPress SEO by Yoast <= 1.7.3.3 - Blind SQL Injection", "name": "http://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.html",
"refsource" : "FULLDISC", "refsource": "MISC",
"url" : "http://seclists.org/fulldisclosure/2015/Mar/73" "url": "http://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.html"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.html", "name": "https://yoast.com/wordpress-seo-security-release/",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://packetstormsecurity.com/files/130811/WordPress-SEO-By-Yoast-1.7.3.3-SQL-Injection.html" "url": "https://yoast.com/wordpress-seo-security-release/"
}, },
{ {
"name" : "https://wpvulndb.com/vulnerabilities/7841", "name": "36413",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "https://wpvulndb.com/vulnerabilities/7841" "url": "https://www.exploit-db.com/exploits/36413/"
}, },
{ {
"name" : "https://wordpress.org/plugins/wordpress-seo/changelog/", "name": "https://wordpress.org/plugins/wordpress-seo/changelog/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://wordpress.org/plugins/wordpress-seo/changelog/" "url": "https://wordpress.org/plugins/wordpress-seo/changelog/"
}, },
{ {
"name" : "https://yoast.com/wordpress-seo-security-release/", "name": "20150312 WordPress SEO by Yoast <= 1.7.3.3 - Blind SQL Injection",
"refsource" : "CONFIRM", "refsource": "FULLDISC",
"url" : "https://yoast.com/wordpress-seo-security-release/" "url": "http://seclists.org/fulldisclosure/2015/Mar/73"
}, },
{ {
"name" : "1031920", "name": "1031920",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031920" "url": "http://www.securitytracker.com/id/1031920"
} }
] ]
} }

74
2015/2xxx/CVE-2015-2785.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-2785", "ID": "CVE-2015-2785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (ByzanzRecording file) to the byzanz-playback command." "value": "The GIF encoder in Byzanz allows remote attackers to cause a denial of service (out-of-bounds heap write and crash) or possibly execute arbitrary code via a crafted Byzanz debug data recording (ByzanzRecording file) to the byzanz-playback command."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20150206 byzanz: Out-of heap-based buffer write in GIF encoder", "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778261",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2015/02/06/11" "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778261"
}, },
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778261", "name": "[oss-security] 20150206 byzanz: Out-of heap-based buffer write in GIF encoder",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778261" "url": "http://www.openwall.com/lists/oss-security/2015/02/06/11"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=852481", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=852481",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=852481" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=852481"
} }
] ]
} }

128
2015/6xxx/CVE-2015-6248.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6248", "ID": "CVE-2015-6248",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." "value": "The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-28.html", "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b53445e815fd6b652d49df03ec3d60b088c4fbc",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-28.html" "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b53445e815fd6b652d49df03ec3d60b088c4fbc"
}, },
{ {
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", "name": "http://www.wireshark.org/security/wnpa-sec-2015-28.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" "url": "http://www.wireshark.org/security/wnpa-sec-2015-28.html"
}, },
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc4a831e035604b0af14ed8a5c9f6596a3448d0", "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc4a831e035604b0af14ed8a5c9f6596a3448d0",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc4a831e035604b0af14ed8a5c9f6596a3448d0" "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3fc4a831e035604b0af14ed8a5c9f6596a3448d0"
}, },
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b53445e815fd6b652d49df03ec3d60b088c4fbc", "name": "FEDORA-2015-13945",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5b53445e815fd6b652d49df03ec3d60b088c4fbc" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "name": "1033272",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "url": "http://www.securitytracker.com/id/1033272"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
}, },
{ {
"name" : "DSA-3367", "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2015/dsa-3367" "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358"
}, },
{ {
"name" : "FEDORA-2015-13945", "name": "FEDORA-2015-13946",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html"
}, },
{ {
"name" : "FEDORA-2015-13946", "name": "DSA-3367",
"refsource" : "FEDORA", "refsource": "DEBIAN",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" "url": "http://www.debian.org/security/2015/dsa-3367"
}, },
{ {
"name" : "openSUSE-SU-2015:1836", "name": "76387",
"refsource" : "SUSE", "refsource": "BID",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" "url": "http://www.securityfocus.com/bid/76387"
}, },
{ {
"name" : "76387", "name": "openSUSE-SU-2015:1836",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/76387" "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html"
}, },
{ {
"name" : "1033272", "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1033272" "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
} }
] ]
} }

92
2015/6xxx/CVE-2015-6729.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6729", "ID": "CVE-2015-6729",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the rel404 parameter, which is not properly handled in an error page." "value": "Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the rel404 parameter, which is not properly handled in an error page."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10", "name": "GLSA-201510-05",
"refsource" : "MLIST", "refsource": "GENTOO",
"url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html" "url": "https://security.gentoo.org/glsa/201510-05"
}, },
{ {
"name" : "[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", "name": "[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/08/12/6" "url": "http://www.openwall.com/lists/oss-security/2015/08/27/6"
}, },
{ {
"name" : "[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", "name": "[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/08/27/6" "url": "http://www.openwall.com/lists/oss-security/2015/08/12/6"
}, },
{ {
"name" : "FEDORA-2015-13920", "name": "[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html" "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html"
}, },
{ {
"name" : "GLSA-201510-05", "name": "FEDORA-2015-13920",
"refsource" : "GENTOO", "refsource": "FEDORA",
"url" : "https://security.gentoo.org/glsa/201510-05" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html"
}, },
{ {
"name" : "76334", "name": "76334",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/76334" "url": "http://www.securityfocus.com/bid/76334"
} }
] ]
} }

68
2016/0xxx/CVE-2016-0568.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0568", "ID": "CVE-2016-0568",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Server Components." "value": "Unspecified vulnerability in the Oracle Email Center component in Oracle E-Business Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Server Components."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
}, },
{ {
"name" : "1034726", "name": "1034726",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034726" "url": "http://www.securitytracker.com/id/1034726"
} }
] ]
} }

92
2016/1000xxx/CVE-2016-1000346.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "dgh@bouncycastle.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000346", "ID": "CVE-2016-1000346",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Bouncy Castle JCE Provider", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.55 and before" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The Legion of the Bouncy Castle Inc." "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation." "value": "In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-320: Key Management Errors" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update", "name": "[debian-lts-announce] 20180707 [SECURITY] [DLA 1418-1] bouncycastle security update",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html" "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html"
}, },
{ {
"name" : "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937", "name": "RHSA-2018:2669",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937" "url": "https://access.redhat.com/errata/RHSA-2018:2669"
}, },
{ {
"name" : "https://security.netapp.com/advisory/ntap-20181127-0004/", "name": "https://security.netapp.com/advisory/ntap-20181127-0004/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20181127-0004/" "url": "https://security.netapp.com/advisory/ntap-20181127-0004/"
}, },
{ {
"name" : "RHSA-2018:2669", "name": "USN-3727-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "https://access.redhat.com/errata/RHSA-2018:2669" "url": "https://usn.ubuntu.com/3727-1/"
}, },
{ {
"name" : "RHSA-2018:2927", "name": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2018:2927" "url": "https://github.com/bcgit/bc-java/commit/1127131c89021612c6eefa26dbe5714c194e7495#diff-d525a20b8acaed791ae2f0f770eb5937"
}, },
{ {
"name" : "USN-3727-1", "name": "RHSA-2018:2927",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "https://usn.ubuntu.com/3727-1/" "url": "https://access.redhat.com/errata/RHSA-2018:2927"
} }
] ]
} }

70
2016/10xxx/CVE-2016-10449.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2016-10449", "ID": "CVE-2016-10449",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835" "version_value": "MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, and SD 835, in a GNSS API function, a NULL pointer dereference can occur." "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, and SD 835, in a GNSS API function, a NULL pointer dereference can occur."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NULL Pointer Dereference in GNSS" "value": "NULL Pointer Dereference in GNSS"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01" "url": "https://source.android.com/security/bulletin/2018-04-01"
}, },
{ {
"name" : "103671", "name": "103671",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/103671" "url": "http://www.securityfocus.com/bid/103671"
} }
] ]
} }

68
2016/4xxx/CVE-2016-4094.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4094", "ID": "CVE-2016-4094",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", "name": "1035828",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" "url": "http://www.securitytracker.com/id/1035828"
}, },
{ {
"name" : "1035828", "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1035828" "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
} }
] ]
} }

104
2016/4xxx/CVE-2016-4135.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4135", "ID": "CVE-2016-4135",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083." "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "40087", "name": "1036117",
"refsource" : "EXPLOIT-DB", "refsource": "SECTRACK",
"url" : "https://www.exploit-db.com/exploits/40087/" "url": "http://www.securitytracker.com/id/1036117"
}, },
{ {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "name": "MS16-083",
"refsource" : "CONFIRM", "refsource": "MS",
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083"
}, },
{ {
"name" : "MS16-083", "name": "openSUSE-SU-2016:1625",
"refsource" : "MS", "refsource": "SUSE",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
}, },
{ {
"name" : "RHSA-2016:1238", "name": "40087",
"refsource" : "REDHAT", "refsource": "EXPLOIT-DB",
"url" : "https://access.redhat.com/errata/RHSA-2016:1238" "url": "https://www.exploit-db.com/exploits/40087/"
}, },
{ {
"name" : "SUSE-SU-2016:1613", "name": "RHSA-2016:1238",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" "url": "https://access.redhat.com/errata/RHSA-2016:1238"
}, },
{ {
"name" : "openSUSE-SU-2016:1621", "name": "openSUSE-SU-2016:1621",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
}, },
{ {
"name" : "openSUSE-SU-2016:1625", "name": "SUSE-SU-2016:1613",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
}, },
{ {
"name" : "1036117", "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036117" "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
} }
] ]
} }

68
2016/4xxx/CVE-2016-4216.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4216", "ID": "CVE-2016-4216",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue." "value": "XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://helpx.adobe.com/security/products/xmpcore/apsb16-24.html", "name": "https://helpx.adobe.com/security/products/xmpcore/apsb16-24.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/xmpcore/apsb16-24.html" "url": "https://helpx.adobe.com/security/products/xmpcore/apsb16-24.html"
}, },
{ {
"name" : "91717", "name": "91717",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/91717" "url": "http://www.securityfocus.com/bid/91717"
} }
] ]
} }

80
2016/4xxx/CVE-2016-4385.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4385", "ID": "CVE-2016-4385",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries." "value": "The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x before 10.11.00.01 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) and Commons BeanUtils libraries."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-523/", "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05279098",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-523/" "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05279098"
}, },
{ {
"name" : "https://www.tenable.com/security/research/tra-2016-27", "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-523/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.tenable.com/security/research/tra-2016-27" "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-523/"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05279098", "name": "https://www.tenable.com/security/research/tra-2016-27",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05279098" "url": "https://www.tenable.com/security/research/tra-2016-27"
}, },
{ {
"name" : "93109", "name": "93109",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/93109" "url": "http://www.securityfocus.com/bid/93109"
} }
] ]
} }

86
2016/4xxx/CVE-2016-4570.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4570", "ID": "CVE-2016-4570",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file." "value": "The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160509 Re: CVE requested: two stack exhaustation parsing xml files using mxml", "name": "[oss-security] 20160509 Re: CVE requested: two stack exhaustation parsing xml files using mxml",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/09/16" "url": "http://www.openwall.com/lists/oss-security/2016/05/09/16"
}, },
{ {
"name" : "[oss-security] 20160511 Re: CVE requested: two stack exhaustation parsing xml files using mxml", "name": "90315",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2016/05/11/14" "url": "http://www.securityfocus.com/bid/90315"
}, },
{ {
"name" : "[debian-lts-announce] 20190125 [SECURITY] [DLA 1641-1] mxml security update", "name": "[debian-lts-announce] 20190125 [SECURITY] [DLA 1641-1] mxml security update",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00018.html" "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00018.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1334648", "name": "[oss-security] 20160511 Re: CVE requested: two stack exhaustation parsing xml files using mxml",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1334648" "url": "http://www.openwall.com/lists/oss-security/2016/05/11/14"
}, },
{ {
"name" : "90315", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1334648",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/90315" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334648"
} }
] ]
} }

62
2016/8xxx/CVE-2016-8228.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@lenovo.com", "ASSIGNER": "psirt@lenovo.com",
"ID" : "CVE-2016-8228", "ID": "CVE-2016-8228",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Service Bridge", "product_name": "Service Bridge",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Earlier than version 4" "version_value": "Earlier than version 4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Lenovo Group Ltd." "vendor_name": "Lenovo Group Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges." "value": "In Lenovo Service Bridge before version 4, a user with local privileges on a system could execute code with administrative privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Privilege Escalation" "value": "Privilege Escalation"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.lenovo.com/us/en/product_security/LEN-10149", "name": "https://support.lenovo.com/us/en/product_security/LEN-10149",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.lenovo.com/us/en/product_security/LEN-10149" "url": "https://support.lenovo.com/us/en/product_security/LEN-10149"
} }
] ]
} }

68
2016/8xxx/CVE-2016-8233.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@lenovo.com", "ASSIGNER": "psirt@lenovo.com",
"ID" : "CVE-2016-8233", "ID": "CVE-2016-8233",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "XClarity Administrator", "product_name": "XClarity Administrator",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Earlier than 1.2.2" "version_value": "Earlier than 1.2.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Lenovo Group Ltd." "vendor_name": "Lenovo Group Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user." "value": "Log files generated by Lenovo XClarity Administrator (LXCA) versions earlier than 1.2.2 may contain user credentials in a non-secure, clear text form that could be viewed by a non-privileged user."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Credential disclosure" "value": "Credential disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.lenovo.com/us/en/product_security/LEN-11635", "name": "95992",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.lenovo.com/us/en/product_security/LEN-11635" "url": "http://www.securityfocus.com/bid/95992"
}, },
{ {
"name" : "95992", "name": "https://support.lenovo.com/us/en/product_security/LEN-11635",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/95992" "url": "https://support.lenovo.com/us/en/product_security/LEN-11635"
} }
] ]
} }

110
2016/9xxx/CVE-2016-9243.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-9243", "ID": "CVE-2016-9243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size." "value": "HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20161109 Re: CVE Request: Cryptography 1.5.3: HKDF might return an empty byte-string", "name": "FEDORA-2016-2d90e27e50",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://www.openwall.com/lists/oss-security/2016/11/09/2" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/"
}, },
{ {
"name" : "https://cryptography.io/en/latest/changelog", "name": "USN-3138-1",
"refsource" : "CONFIRM", "refsource": "UBUNTU",
"url" : "https://cryptography.io/en/latest/changelog" "url": "http://www.ubuntu.com/usn/USN-3138-1"
}, },
{ {
"name" : "https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874", "name": "https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874" "url": "https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3aeb2d874"
}, },
{ {
"name" : "https://github.com/pyca/cryptography/issues/3211", "name": "FEDORA-2016-d3a2b640ce",
"refsource" : "CONFIRM", "refsource": "FEDORA",
"url" : "https://github.com/pyca/cryptography/issues/3211" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/"
}, },
{ {
"name" : "FEDORA-2016-2d90e27e50", "name": "94216",
"refsource" : "FEDORA", "refsource": "BID",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U23KDR2M2N7W2ZSREG63BVW7D4VC6CIZ/" "url": "http://www.securityfocus.com/bid/94216"
}, },
{ {
"name" : "FEDORA-2016-d3a2b640ce", "name": "[oss-security] 20161109 Re: CVE Request: Cryptography 1.5.3: HKDF might return an empty byte-string",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQ5G7KHKZC4SI23JE7277KZXM57GEQKT/" "url": "http://www.openwall.com/lists/oss-security/2016/11/09/2"
}, },
{ {
"name" : "FEDORA-2016-e77c8c1f3b", "name": "https://cryptography.io/en/latest/changelog",
"refsource" : "FEDORA", "refsource": "CONFIRM",
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/" "url": "https://cryptography.io/en/latest/changelog"
}, },
{ {
"name" : "USN-3138-1", "name": "FEDORA-2016-e77c8c1f3b",
"refsource" : "UBUNTU", "refsource": "FEDORA",
"url" : "http://www.ubuntu.com/usn/USN-3138-1" "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R2ZOBMPWDFFHUZ6QOZZY36A6H5CGJXL/"
}, },
{ {
"name" : "94216", "name": "https://github.com/pyca/cryptography/issues/3211",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/94216" "url": "https://github.com/pyca/cryptography/issues/3211"
} }
] ]
} }

170
2016/9xxx/CVE-2016-9576.json
View File

@ -1,151 +1,151 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-9576", "ID": "CVE-2016-9576",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device." "value": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20161209 Linux Kernel use-after-free in SCSI generic device interface", "name": "openSUSE-SU-2016:3118",
"refsource" : "MLIST", "refsource": "SUSE",
"url" : "http://www.openwall.com/lists/oss-security/2016/12/08/19" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html"
}, },
{ {
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0", "name": "SUSE-SU-2016:3248",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14", "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14" "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1403145", "name": "openSUSE-SU-2016:3085",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1403145" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html"
}, },
{ {
"name" : "https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0", "name": "https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0" "url": "https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0"
}, },
{ {
"name" : "RHSA-2017:2669", "name": "RHSA-2017:2669",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2669" "url": "https://access.redhat.com/errata/RHSA-2017:2669"
}, },
{ {
"name" : "RHSA-2017:0817", "name": "SUSE-SU-2016:3188",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0817.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html"
}, },
{ {
"name" : "RHSA-2017:1842", "name": "openSUSE-SU-2016:3086",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "https://access.redhat.com/errata/RHSA-2017:1842" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html"
}, },
{ {
"name" : "RHSA-2017:2077", "name": "SUSE-SU-2016:3146",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "https://access.redhat.com/errata/RHSA-2017:2077" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html"
}, },
{ {
"name" : "openSUSE-SU-2016:3085", "name": "SUSE-SU-2016:3203",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html"
}, },
{ {
"name" : "openSUSE-SU-2016:3086", "name": "RHSA-2017:0817",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html" "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
}, },
{ {
"name" : "SUSE-SU-2016:3146", "name": "SUSE-SU-2016:3217",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html"
}, },
{ {
"name" : "SUSE-SU-2016:3188", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1403145",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403145"
}, },
{ {
"name" : "SUSE-SU-2016:3203", "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html" "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
}, },
{ {
"name" : "SUSE-SU-2016:3217", "name": "[oss-security] 20161209 Linux Kernel use-after-free in SCSI generic device interface",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html" "url": "http://www.openwall.com/lists/oss-security/2016/12/08/19"
}, },
{ {
"name" : "SUSE-SU-2016:3248", "name": "RHSA-2017:2077",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html" "url": "https://access.redhat.com/errata/RHSA-2017:2077"
}, },
{ {
"name" : "SUSE-SU-2016:3252", "name": "RHSA-2017:1842",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html" "url": "https://access.redhat.com/errata/RHSA-2017:1842"
}, },
{ {
"name" : "openSUSE-SU-2016:3118", "name": "94821",
"refsource" : "SUSE", "refsource": "BID",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html" "url": "http://www.securityfocus.com/bid/94821"
}, },
{ {
"name" : "94821", "name": "SUSE-SU-2016:3252",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/94821" "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html"
} }
] ]
} }

22
2016/9xxx/CVE-2016-9663.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9663", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2016-9663",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }

104
2016/9xxx/CVE-2016-9922.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-9922", "ID": "CVE-2016-9922",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values." "value": "The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20161209 Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy", "name": "[qemu-devel] 20161205 [PULL 4/4] display: cirrus: check vga bits per pixel(bpp) value",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2016/12/09/1" "url": "https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg00442.html"
}, },
{ {
"name" : "[qemu-devel] 20161205 [PULL 4/4] display: cirrus: check vga bits per pixel(bpp) value", "name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg00442.html" "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"
}, },
{ {
"name" : "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", "name": "RHSA-2017:2392",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" "url": "https://access.redhat.com/errata/RHSA-2017:2392"
}, },
{ {
"name" : "http://git.qemu-project.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70", "name": "94803",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://git.qemu-project.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70" "url": "http://www.securityfocus.com/bid/94803"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1334398", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1334398",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1334398" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334398"
}, },
{ {
"name" : "RHSA-2017:2392", "name": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "https://access.redhat.com/errata/RHSA-2017:2392" "url": "http://git.qemu-project.org/?p=qemu.git;a=commit;h=4299b90e9ba9ce5ca9024572804ba751aa1a7e70"
}, },
{ {
"name" : "RHSA-2017:2408", "name": "RHSA-2017:2408",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:2408" "url": "https://access.redhat.com/errata/RHSA-2017:2408"
}, },
{ {
"name" : "94803", "name": "[oss-security] 20161209 Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/94803" "url": "http://www.openwall.com/lists/oss-security/2016/12/09/1"
} }
] ]
} }

68
2016/9xxx/CVE-2016-9953.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9953", "ID": "CVE-2016-9953",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read." "value": "The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://curl.haxx.se/CVE-2016-9952.patch", "name": "https://curl.haxx.se/CVE-2016-9952.patch",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://curl.haxx.se/CVE-2016-9952.patch" "url": "https://curl.haxx.se/CVE-2016-9952.patch"
}, },
{ {
"name" : "https://curl.haxx.se/docs/adv_20161221C.html", "name": "https://curl.haxx.se/docs/adv_20161221C.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://curl.haxx.se/docs/adv_20161221C.html" "url": "https://curl.haxx.se/docs/adv_20161221C.html"
} }
] ]
} }

78
2019/2xxx/CVE-2019-2452.json
View File

@ -1,75 +1,75 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2452", "ID": "CVE-2019-2452",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebLogic Server", "product_name": "WebLogic Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "10.3.6.0" "version_value": "10.3.6.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.1.3.0" "version_value": "12.1.3.0"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.3" "version_value": "12.2.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H)." "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server." "value": "Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "name": "106617",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "url": "http://www.securityfocus.com/bid/106617"
}, },
{ {
"name" : "106617", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/106617" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
} }
] ]
} }

74
2019/2xxx/CVE-2019-2554.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2554", "ID": "CVE-2019-2554",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "VM VirtualBox", "product_name": "VM VirtualBox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "5.2.24" "version_value": "5.2.24"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "6.0.2" "version_value": "6.0.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)." "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data." "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data."
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}, },
{ {
"name" : "106568", "name": "106568",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/106568" "url": "http://www.securityfocus.com/bid/106568"
} }
] ]
} }

22
2019/2xxx/CVE-2019-2622.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2622", "ID": "CVE-2019-2622",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/2xxx/CVE-2019-2704.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2704", "ID": "CVE-2019-2704",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3176.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3176", "ID": "CVE-2019-3176",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3318.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3318", "ID": "CVE-2019-3318",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3351.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3351", "ID": "CVE-2019-3351",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/3xxx/CVE-2019-3390.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3390", "ID": "CVE-2019-3390",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6474.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6474", "ID": "CVE-2019-6474",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6568.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6568", "ID": "CVE-2019-6568",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6656.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6656", "ID": "CVE-2019-6656",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6689.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6689", "ID": "CVE-2019-6689",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/6xxx/CVE-2019-6941.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6941", "ID": "CVE-2019-6941",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/7xxx/CVE-2019-7144.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7144", "ID": "CVE-2019-7144",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/7xxx/CVE-2019-7229.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7229", "ID": "CVE-2019-7229",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/7xxx/CVE-2019-7271.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7271", "ID": "CVE-2019-7271",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/7xxx/CVE-2019-7472.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7472", "ID": "CVE-2019-7472",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8505.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8505", "ID": "CVE-2019-8505",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8741.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8741", "ID": "CVE-2019-8741",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2019/8xxx/CVE-2019-8842.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8842", "ID": "CVE-2019-8842",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }