admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:19:52 +00:00
parent 5e781c8d00
commit 8989ee4dad
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 3867 additions and 3867 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

170
2007/0xxx/CVE-2007-0095.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0095", "ID": "CVE-2007-0095",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070102 Inforamtion Discloser Vulnerabilities in phpMyAdmin", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051544.html" "lang": "eng",
}, "value": "phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message."
{ }
"name" : "20070102 Inforamtion Discloser Vulnerabilities in \"phpMyAdmin\"", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0034.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MDKSA-2007:199", "description": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33257", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/33257" ]
}, },
{ "references": {
"name" : "2104", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2104" "name": "20070102 Inforamtion Discloser Vulnerabilities in phpMyAdmin",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051544.html"
"name" : "phpmyadmin-darkblueorange-path-disclosure(31223)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31223" "name": "20070102 Inforamtion Discloser Vulnerabilities in \"phpMyAdmin\"",
} "refsource": "FULLDISC",
] "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0034.html"
} },
} {
"name": "MDKSA-2007:199",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:199"
},
{
"name": "phpmyadmin-darkblueorange-path-disclosure(31223)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31223"
},
{
"name": "33257",
"refsource": "OSVDB",
"url": "http://osvdb.org/33257"
},
{
"name": "2104",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2104"
}
]
}
}

34
2007/0xxx/CVE-2007-0327.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0327", "ID": "CVE-2007-0327",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2007/0xxx/CVE-2007-0573.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0573", "ID": "CVE-2007-0573",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3205", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3205" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter."
{ }
"name" : "VIM 20070130 Source VERIFY: nsGalPHP RFI", ]
"refsource" : "MLIST", },
"url" : "http://www.attrition.org/pipermail/vim/2007-January/001257.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22277", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22277" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0392", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0392" ]
}, },
{ "references": {
"name" : "32994", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32994" "name": "nsgalphp-config-file-include(31861)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31861"
"name" : "23969", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23969" "name": "ADV-2007-0392",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0392"
"name" : "nsgalphp-config-file-include(31861)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31861" "name": "32994",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/32994"
} },
} {
"name": "VIM 20070130 Source VERIFY: nsGalPHP RFI",
"refsource": "MLIST",
"url": "http://www.attrition.org/pipermail/vim/2007-January/001257.html"
},
{
"name": "3205",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3205"
},
{
"name": "22277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22277"
},
{
"name": "23969",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23969"
}
]
}
}

160
2007/0xxx/CVE-2007-0769.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0769", "ID": "CVE-2007-0769",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that \"The characters are escaped properly.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070129 Phorum HTML Injection Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458461/100/0/threaded" "lang": "eng",
}, "value": "** DISPUTED ** Cross-site scripting (XSS) vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that \"The characters are escaped properly.\""
{ }
"name" : "20070129 Re: Phorum HTML Injection Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/458467/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.phorum.org/phorum5/read.php?12,119757", "description": [
"refsource" : "MISC", {
"url" : "http://www.phorum.org/phorum5/read.php?12,119757" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22297", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/22297" ]
}, },
{ "references": {
"name" : "ADV-2007-0410", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0410" "name": "ADV-2007-0410",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/0410"
} },
} {
"name": "22297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22297"
},
{
"name": "http://www.phorum.org/phorum5/read.php?12,119757",
"refsource": "MISC",
"url": "http://www.phorum.org/phorum5/read.php?12,119757"
},
{
"name": "20070129 Phorum HTML Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458461/100/0/threaded"
},
{
"name": "20070129 Re: Phorum HTML Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458467/100/0/threaded"
}
]
}
}

150
2007/1xxx/CVE-2007-1120.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1120", "ID": "CVE-2007-1120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions in TeeChart Pro ActiveX control (TeeChart7.ocx) allow remote attackers to download a crafted .tee file to an arbitrary location. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "22689", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22689" "lang": "eng",
}, "value": "The (1) Import.LoadFromURL and (2) Export.asText.SaveToFile functions in TeeChart Pro ActiveX control (TeeChart7.ocx) allow remote attackers to download a crafted .tee file to an arbitrary location. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "33534", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/33534" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "24263", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24263" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "teechart-activex-file-upload(32694)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32694" ]
} },
] "references": {
} "reference_data": [
} {
"name": "33534",
"refsource": "OSVDB",
"url": "http://osvdb.org/33534"
},
{
"name": "teechart-activex-file-upload(32694)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32694"
},
{
"name": "22689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22689"
},
{
"name": "24263",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24263"
}
]
}
}

160
2007/1xxx/CVE-2007-1568.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1568", "ID": "CVE-2007-1568",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execute arbitrary code via a yEnc (yEncode) encoded article with a long filename."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "3462", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3462" "lang": "eng",
}, "value": "Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execute arbitrary code via a yEnc (yEncode) encoded article with a long filename."
{ }
"name" : "3463", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/3463" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0934", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0934" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34035", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/34035" ]
}, },
{ "references": {
"name" : "24487", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24487" "name": "24487",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24487"
} },
} {
"name": "34035",
"refsource": "OSVDB",
"url": "http://osvdb.org/34035"
},
{
"name": "ADV-2007-0934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0934"
},
{
"name": "3462",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3462"
},
{
"name": "3463",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3463"
}
]
}
}

190
2007/1xxx/CVE-2007-1943.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-1943", "ID": "CVE-2007-1943",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070404 Several Windows image viewers vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/464726/100/0/threaded" "lang": "eng",
}, "value": "Integer overflow in ACDSee Photo Manager 9.0 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via large width image sizes in a crafted BMP image, as demonstrated by w3intof.bmp and w4intof.bmp."
{ }
"name" : "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html", ]
"refsource" : "MISC", },
"url" : "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.acdsee.com/support/knowledgebase/article?id=2800", "description": [
"refsource" : "MISC", {
"url" : "http://www.acdsee.com/support/knowledgebase/article?id=2800" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23317", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/23317" ]
}, },
{ "references": {
"name" : "ADV-2007-1283", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1283" "name": "ADV-2007-1283",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1283"
"name" : "34663", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/34663" "name": "23317",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/23317"
"name" : "24779", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24779" "name": "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html",
}, "refsource": "MISC",
{ "url": "http://ifsec.blogspot.com/2007/04/several-windows-image-viewers.html"
"name" : "2558", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2558" "name": "24779",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24779"
} },
} {
"name": "20070404 Several Windows image viewers vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464726/100/0/threaded"
},
{
"name": "34663",
"refsource": "OSVDB",
"url": "http://osvdb.org/34663"
},
{
"name": "2558",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2558"
},
{
"name": "http://www.acdsee.com/support/knowledgebase/article?id=2800",
"refsource": "MISC",
"url": "http://www.acdsee.com/support/knowledgebase/article?id=2800"
}
]
}
}

180
2007/4xxx/CVE-2007-4295.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4295", "ID": "CVE-2007-4295",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml" "lang": "eng",
}, "value": "Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749."
{ }
"name" : "25239", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25239" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:5075", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2816", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2816" ]
}, },
{ "references": {
"name" : "36667", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/36667" "name": "36667",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/36667"
"name" : "1018533", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018533" "name": "ADV-2007-2816",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2816"
"name" : "26363", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26363" "name": "oval:org.mitre.oval:def:5075",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5075"
} },
} {
"name": "1018533",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018533"
},
{
"name": "25239",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25239"
},
{
"name": "26363",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26363"
},
{
"name": "20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080899653.shtml"
}
]
}
}

170
2007/4xxx/CVE-2007-4320.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4320", "ID": "CVE-2007-4320",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4273", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4273" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter."
{ }
"name" : "25248", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25248" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2833", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2833" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36426", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36426" ]
}, },
{ "references": {
"name" : "26383", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26383" "name": "26383",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26383"
"name" : "ncaster-archive-file-include(35908)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35908" "name": "ADV-2007-2833",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/2833"
} },
} {
"name": "25248",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25248"
},
{
"name": "36426",
"refsource": "OSVDB",
"url": "http://osvdb.org/36426"
},
{
"name": "ncaster-archive-file-include(35908)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35908"
},
{
"name": "4273",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4273"
}
]
}
}

140
2007/4xxx/CVE-2007-4509.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4509", "ID": "CVE-2007-4509",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in the EventList component (com_eventlist) 0.8 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the did parameter in a details action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4309", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4309" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in the EventList component (com_eventlist) 0.8 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the did parameter in a details action."
{ }
"name" : "38360", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/38360" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "eventlist-index-sql-injection(36223)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36223" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "4309",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4309"
},
{
"name": "eventlist-index-sql-injection(36223)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36223"
},
{
"name": "38360",
"refsource": "OSVDB",
"url": "http://osvdb.org/38360"
}
]
}
}

200
2007/5xxx/CVE-2007-5591.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5591", "ID": "CVE-2007-5591",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071018 Nortel Telephony Server Denial of Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/482484/100/0/threaded" "lang": "eng",
}, "value": "The CS1000 signaling server in Nortel Enterprise VoIP-Core-CS 1000M Chassis/Cabinet, Enterprise VoIP-Core-CS 1000E and 1000S, Meridian-Core-Option 11C Chassis and Cabinet, and Meridian-Core-Option 51C, 61C, and 81C allows remote attackers to cause a denial of service (telephony application outage) via a flood of packets to Embedded LAN (ELAN) ports."
{ }
"name" : "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt", ]
"refsource" : "MISC", },
"url" : "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf", ]
"refsource" : "CONFIRM", }
"url" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf" ]
}, },
{ "references": {
"name" : "26113", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26113" "name": "27282",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27282"
"name" : "ADV-2007-3536", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3536" "name": "ADV-2007-3536",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3536"
"name" : "41799", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41799" "name": "nortel-cs1000-elan-dos(37252)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37252"
"name" : "27282", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27282" "name": "41799",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/41799"
"name" : "nortel-cs1000-elan-dos(37252)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37252" "name": "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt",
} "refsource": "MISC",
] "url": "http://www.csnc.ch/static/advisory/csnc/nortel_telephony_server_denial_of_service_v1.0.txt"
} },
} {
"name": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf",
"refsource": "CONFIRM",
"url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022871-01.pdf"
},
{
"name": "26113",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26113"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=655204"
},
{
"name": "20071018 Nortel Telephony Server Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482484/100/0/threaded"
}
]
}
}

140
2015/2xxx/CVE-2015-2013.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2015-2013", "ID": "CVE-2015-2013",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21962479", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21962479" "lang": "eng",
}, "value": "IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call."
{ }
"name" : "IV73860", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV73860" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033449", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033449" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1033449",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033449"
},
{
"name": "IV73860",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV73860"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21962479",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21962479"
}
]
}
}

190
2015/2xxx/CVE-2015-2665.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2665", "ID": "CVE-2015-2665",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.fortiguard.com/advisory/FG-VD-15-017/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.fortiguard.com/advisory/FG-VD-15-017/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://www.cacti.net/release_notes_0_8_8d.php", ]
"refsource" : "CONFIRM", },
"url" : "http://www.cacti.net/release_notes_0_8_8d.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3295", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3295" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2016-4a5ce6a6c0", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html" ]
}, },
{ "references": {
"name" : "FEDORA-2016-852a39e085", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html" "name": "FEDORA-2016-a8e2be0fe6",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html"
"name" : "FEDORA-2016-a8e2be0fe6", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183449.html" "name": "http://www.cacti.net/release_notes_0_8_8d.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.cacti.net/release_notes_0_8_8d.php"
"name" : "75309", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75309" "name": "1032672",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032672"
"name" : "1032672", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032672" "name": "http://www.fortiguard.com/advisory/FG-VD-15-017/",
} "refsource": "MISC",
] "url": "http://www.fortiguard.com/advisory/FG-VD-15-017/"
} },
} {
"name": "FEDORA-2016-852a39e085",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183919.html"
},
{
"name": "75309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75309"
},
{
"name": "DSA-3295",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3295"
},
{
"name": "FEDORA-2016-4a5ce6a6c0",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183454.html"
}
]
}
}

140
2015/2xxx/CVE-2015-2964.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-2964", "ID": "CVE-2015-2964",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass signature verification via crafted tokens in a JSON Web Tokens (JWT) header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "JVN#25336719", "description_data": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN25336719/index.html" "lang": "eng",
}, "value": "NAMSHI | JOSE 5.0.0 and earlier allows remote attackers to bypass signature verification via crafted tokens in a JSON Web Tokens (JWT) header."
{ }
"name" : "JVNDB-2015-000090", ]
"refsource" : "JVNDB", },
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000090" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "75423", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75423" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVN#25336719",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN25336719/index.html"
},
{
"name": "75423",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75423"
},
{
"name": "JVNDB-2015-000090",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000090"
}
]
}
}

140
2015/2xxx/CVE-2015-2970.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2015-2970", "ID": "CVE-2015-2970",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://jvn.jp/en/jp/JVN61935381/995636/index.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://jvn.jp/en/jp/JVN61935381/995636/index.html" "lang": "eng",
}, "value": "index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter."
{ }
"name" : "JVN#61935381", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN61935381/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2015-000097", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000097" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2015-000097",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000097"
},
{
"name": "http://jvn.jp/en/jp/JVN61935381/995636/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN61935381/995636/index.html"
},
{
"name": "JVN#61935381",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN61935381/index.html"
}
]
}
}

34
2015/3xxx/CVE-2015-3154.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3154", "ID": "CVE-2015-3154",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2015/3xxx/CVE-2015-3249.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2015-3249", "ID": "CVE-2015-3249",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[www-announce] 20150704 [ANNOUNCE] Apache Traffic Server 5.3.1 is released!", "description_data": [
"refsource" : "MLIST", {
"url" : "http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g@mail.gmail.com%3E" "lang": "eng",
}, "value": "The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function."
{ }
"name" : "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing", ]
"refsource" : "MISC", },
"url" : "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "101631", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101631" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "101631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101631"
},
{
"name": "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing",
"refsource": "MISC",
"url": "https://yahoo-security.tumblr.com/post/122883273670/apache-traffic-server-http2-fuzzing"
},
{
"name": "[www-announce] 20150704 [ANNOUNCE] Apache Traffic Server 5.3.1 is released!",
"refsource": "MLIST",
"url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201507.mbox/%3CCABF6JR37mWzDmXDqRQwRUXiojBZrhidndnsY1ZgmcZv-o7-a+g@mail.gmail.com%3E"
}
]
}
}

170
2015/3xxx/CVE-2015-3792.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2015-3792", "ID": "CVE-2015-3792",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/kb/HT205031", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/kb/HT205031" "lang": "eng",
}, "value": "QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability than CVE-2015-3765, CVE-2015-3779, CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-5751, CVE-2015-5753, and CVE-2015-5779."
{ }
"name" : "https://support.apple.com/HT205046", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT205046" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2015-08-13-2", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2015-08-20-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00004.html" ]
}, },
{ "references": {
"name" : "76340", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76340" "name": "https://support.apple.com/HT205046",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT205046"
"name" : "1033276", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033276" "name": "76340",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/76340"
} },
} {
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "APPLE-SA-2015-08-20-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00004.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "1033276",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033276"
}
]
}
}

130
2015/6xxx/CVE-2015-6122.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6122", "ID": "CVE-2015-6122",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-131", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-131" "lang": "eng",
}, "value": "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
{ }
"name" : "1034324", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034324" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-131",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-131"
},
{
"name": "1034324",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034324"
}
]
}
}

130
2015/6xxx/CVE-2015-6156.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6156", "ID": "CVE-2015-6156",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6148."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-124", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124" "lang": "eng",
}, "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6148."
{ }
"name" : "1034315", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034315" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1034315",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034315"
},
{
"name": "MS15-124",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-124"
}
]
}
}

34
2015/6xxx/CVE-2015-6462.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6462", "ID": "CVE-2015-6462",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2015/6xxx/CVE-2015-6557.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6557", "ID": "CVE-2015-6557",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; and Tivoli Storage FlashCopy Manager 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.2, when application tracing is used, place cleartext passwords in exception messages, which allows physically proximate attackers to obtain sensitive information by reading trace output, a different vulnerability than CVE-2015-4949."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21963630", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21963630" "lang": "eng",
}, "value": "IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; and Tivoli Storage FlashCopy Manager 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.2, when application tracing is used, place cleartext passwords in exception messages, which allows physically proximate attackers to obtain sensitive information by reading trace output, a different vulnerability than CVE-2015-4949."
{ }
"name" : "IT03480", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03480" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IT03480",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT03480"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21963630",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963630"
}
]
}
}

190
2015/6xxx/CVE-2015-6816.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6816", "ID": "CVE-2015-6816",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ganglia-web before 3.7.1 allows remote attackers to bypass authentication."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150905 Re: CVE request: Ganglia-web auth bypass", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/09/05/6" "lang": "eng",
}, "value": "ganglia-web before 3.7.1 allows remote attackers to bypass authentication."
{ }
"name" : "https://www.freshports.org/sysutils/ganglia-webfrontend/", ]
"refsource" : "MISC", },
"url" : "https://www.freshports.org/sysutils/ganglia-webfrontend/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1260562", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1260562" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/ganglia/ganglia-web/issues/267", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/ganglia/ganglia-web/issues/267" ]
}, },
{ "references": {
"name" : "FEDORA-2015-accdc7ebfc", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169641.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1260562",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260562"
"name" : "FEDORA-2015-de8ba28354", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170362.html" "name": "https://github.com/ganglia/ganglia-web/issues/267",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/ganglia/ganglia-web/issues/267"
"name" : "FEDORA-2015-ee7a2b5844", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169788.html" "name": "FEDORA-2015-accdc7ebfc",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169641.html"
"name" : "92146", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92146" "name": "FEDORA-2015-de8ba28354",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170362.html"
} },
} {
"name": "FEDORA-2015-ee7a2b5844",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169788.html"
},
{
"name": "https://www.freshports.org/sysutils/ganglia-webfrontend/",
"refsource": "MISC",
"url": "https://www.freshports.org/sysutils/ganglia-webfrontend/"
},
{
"name": "[oss-security] 20150905 Re: CVE request: Ganglia-web auth bypass",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/05/6"
},
{
"name": "92146",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92146"
}
]
}
}

34
2015/7xxx/CVE-2015-7027.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-7027", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-7027",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

220
2015/7xxx/CVE-2015-7204.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2015-7204", "ID": "CVE-2015-7204",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html" "lang": "eng",
}, "value": "Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2015-51b1105902", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2015-7ab3d3afcf", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" ]
}, },
{ "references": {
"name" : "GLSA-201512-10", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201512-10" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1216130"
"name" : "openSUSE-SU-2016:0307", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" "name": "GLSA-201512-10",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201512-10"
"name" : "openSUSE-SU-2016:0308", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" "name": "openSUSE-SU-2015:2353",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html"
"name" : "openSUSE-SU-2015:2353", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" "name": "openSUSE-SU-2016:0308",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html"
"name" : "USN-2833-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2833-1" "name": "FEDORA-2015-7ab3d3afcf",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html"
"name" : "79280", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79280" "name": "USN-2833-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2833-1"
"name" : "1034426", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034426" "name": "79280",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/79280"
} },
} {
"name": "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2015/mfsa2015-135.html"
},
{
"name": "openSUSE-SU-2016:0307",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html"
},
{
"name": "FEDORA-2015-51b1105902",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html"
},
{
"name": "1034426",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034426"
}
]
}
}

34
2015/7xxx/CVE-2015-7321.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7321", "ID": "CVE-2015-7321",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2016/0xxx/CVE-2016-0015.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0015", "ID": "CVE-2016-0015",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka \"DirectShow Heap Corruption Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "39232", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39232/" "lang": "eng",
}, "value": "DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka \"DirectShow Heap Corruption Remote Code Execution Vulnerability.\""
{ }
"name" : "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "MS16-007", "description": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034660", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034660" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1034660",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034660"
},
{
"name": "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/135232/Microsoft-DirectShow-Remote-Code-Execution.html"
},
{
"name": "39232",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39232/"
},
{
"name": "MS16-007",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-007"
}
]
}
}

120
2016/0xxx/CVE-2016-0303.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0303", "ID": "CVE-2016-0303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981591", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981591" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591"
}
]
}
}

330
2016/0xxx/CVE-2016-0363.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0363", "ID": "CVE-2016-0363",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160404 [SE-2012-01] Broken security fix in IBM Java 7/8", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Apr/3" "lang": "eng",
}, "value": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009."
{ }
"name" : "20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2016/Apr/20" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980826", ]
"refsource" : "CONFIRM", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21980826" ]
}, },
{ "references": {
"name" : "IX90172", "reference_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90172" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21980826",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21980826"
"name" : "RHSA-2016:0701", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0701.html" "name": "85895",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/85895"
"name" : "RHSA-2016:0702", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0702.html" "name": "SUSE-SU-2016:1299",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html"
"name" : "RHSA-2016:0708", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0708.html" "name": "RHSA-2016:1039",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-1039.html"
"name" : "RHSA-2016:0716", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0716.html" "name": "RHSA-2016:0701",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0701.html"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "SUSE-SU-2016:1303",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html"
"name" : "RHSA-2016:1039", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1039.html" "name": "SUSE-SU-2016:1475",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html"
"name" : "RHSA-2017:1216", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1216" "name": "SUSE-SU-2016:1300",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html"
"name" : "SUSE-SU-2016:1299", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "SUSE-SU-2016:1300", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html" "name": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf",
}, "refsource": "MISC",
{ "url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf"
"name" : "SUSE-SU-2016:1303", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html" "name": "RHSA-2016:0708",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0708.html"
"name" : "SUSE-SU-2016:1378", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html" "name": "SUSE-SU-2016:1378",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html"
"name" : "SUSE-SU-2016:1379", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html" "name": "SUSE-SU-2016:1379",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html"
"name" : "SUSE-SU-2016:1388", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html" "name": "20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2016/Apr/20"
"name" : "SUSE-SU-2016:1458", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html" "name": "SUSE-SU-2016:1458",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html"
"name" : "SUSE-SU-2016:1475", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html" "name": "RHSA-2016:0716",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0716.html"
"name" : "85895", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/85895" "name": "1035953",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035953"
"name" : "1035953", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035953" "name": "20160404 [SE-2012-01] Broken security fix in IBM Java 7/8",
} "refsource": "FULLDISC",
] "url": "http://seclists.org/fulldisclosure/2016/Apr/3"
} },
} {
"name": "SUSE-SU-2016:1388",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html"
},
{
"name": "RHSA-2016:0702",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0702.html"
},
{
"name": "RHSA-2017:1216",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1216"
},
{
"name": "IX90172",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90172"
}
]
}
}

130
2016/0xxx/CVE-2016-0521.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0521", "ID": "CVE-2016-0521",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Redirection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via unknown vectors related to Redirection."
{ }
"name" : "1034726", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034726" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034726"
}
]
}
}

130
2016/0xxx/CVE-2016-0538.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0538", "ID": "CVE-2016-0538",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Financial Consolidation Hub component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Business Intelligence."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Financial Consolidation Hub component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Business Intelligence."
{ }
"name" : "1034726", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034726" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034726"
}
]
}
}

120
2016/0xxx/CVE-2016-0958.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0958", "ID": "CVE-2016-0958",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html" "lang": "eng",
} "value": "Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 might allow remote attackers to have an unspecified impact via a crafted serialized Java object."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html"
}
]
}
}

130
2016/1000xxx/CVE-2016-1000215.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000215", "ID": "CVE-2016-1000215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ruckus Wireless H500 web management interface denial of service"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/" "lang": "eng",
}, "value": "Ruckus Wireless H500 web management interface denial of service"
{ }
"name" : "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt", ]
"refsource" : "CONFIRM", },
"url" : "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt",
"refsource": "CONFIRM",
"url": "http://b910a83a1a1fa9c20d93-2435f2f08e773abe005b52170fce6d94.r84.cf2.rackcdn.com/security/faq-security-advisory-id-062117.txt"
},
{
"name": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/",
"refsource": "MISC",
"url": "https://www.tripwire.com/state-of-security/vulnerability-management/ruckus-vulnerability/"
}
]
}
}

140
2016/1xxx/CVE-2016-1179.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1179", "ID": "CVE-2016-1179",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://developer.a-blogcms.jp/blog/patch/entry-2363.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://developer.a-blogcms.jp/blog/patch/entry-2363.html" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the standard template of the comment functionality in appleple a-blog cms 2.6.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML."
{ }
"name" : "JVN#73166466", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN73166466/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000046", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000046.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000046",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000046.html"
},
{
"name": "https://developer.a-blogcms.jp/blog/patch/entry-2363.html",
"refsource": "CONFIRM",
"url": "https://developer.a-blogcms.jp/blog/patch/entry-2363.html"
},
{
"name": "JVN#73166466",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN73166466/index.html"
}
]
}
}

150
2016/1xxx/CVE-2016-1216.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2016-1216", "ID": "CVE-2016-1216",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the \"New appointment\" function in Cybozu Garoon before 4.2.2."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.cybozu.com/ja-jp/article/9223", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.cybozu.com/ja-jp/article/9223" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the \"New appointment\" function in Cybozu Garoon before 4.2.2."
{ }
"name" : "JVN#67595539", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN67595539/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2016-000145", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000145.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "92601", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/92601" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://support.cybozu.com/ja-jp/article/9223",
"refsource": "CONFIRM",
"url": "https://support.cybozu.com/ja-jp/article/9223"
},
{
"name": "JVN#67595539",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN67595539/index.html"
},
{
"name": "JVNDB-2016-000145",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000145.html"
},
{
"name": "92601",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92601"
}
]
}
}

140
2016/4xxx/CVE-2016-4551.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4551", "ID": "CVE-2016-4551",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2016/Oct/3" "lang": "eng",
}, "value": "The (1) SAP_BASIS and (2) SAP_ABA components 7.00 SP Level 0031 in SAP NetWeaver 2004s might allow remote attackers to spoof IP addresses written to the Security Audit Log via vectors related to the network landscape, aka SAP Security Note 2190621."
{ }
"name" : "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging", ]
"refsource" : "MISC", },
"url" : "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "93288", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93288" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Oct/3"
},
{
"name": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging",
"refsource": "MISC",
"url": "https://www.onapsis.com/research/security-advisories/sap-security-audit-log-invalid-address-logging"
},
{
"name": "93288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93288"
}
]
}
}

270
2016/4xxx/CVE-2016-4556.json
View File

@ -1,137 +1,137 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4556", "ID": "CVE-2016-4556",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160506 CVE Request: Squid HTTP caching proxy", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/06/3" "lang": "eng",
}, "value": "Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response."
{ }
"name" : "[oss-security] 20160506 Re: CVE Request: Squid HTTP caching proxy", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/05/06/5" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch", ]
"refsource" : "CONFIRM", }
"url" : "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch" ]
}, },
{ "references": {
"name" : "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch" "name": "GLSA-201607-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201607-01"
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" "name": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch",
}, "refsource": "CONFIRM",
{ "url": "http://www.squid-cache.org/Versions/v3/3.5/changesets/SQUID-2016_9.patch"
"name" : "DSA-3625", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3625" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name" : "GLSA-201607-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201607-01" "name": "SUSE-SU-2016:1996",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html"
"name" : "RHSA-2016:1138", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1138" "name": "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch",
}, "refsource": "CONFIRM",
{ "url": "http://www.squid-cache.org/Versions/v3/3.4/changesets/SQUID-2016_9.patch"
"name" : "RHSA-2016:1139", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1139" "name": "USN-2995-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2995-1"
"name" : "RHSA-2016:1140", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1140" "name": "[oss-security] 20160506 Re: CVE Request: Squid HTTP caching proxy",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/05/06/5"
"name" : "openSUSE-SU-2016:2081", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html" "name": "RHSA-2016:1140",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1140"
"name" : "SUSE-SU-2016:1996", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html" "name": "openSUSE-SU-2016:2081",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00069.html"
"name" : "SUSE-SU-2016:2089", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html" "name": "1035770",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1035770"
"name" : "USN-2995-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2995-1" "name": "RHSA-2016:1138",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1138"
"name" : "1035770", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035770" "name": "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt",
} "refsource": "CONFIRM",
] "url": "http://www.squid-cache.org/Advisories/SQUID-2016_9.txt"
} },
} {
"name": "RHSA-2016:1139",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1139"
},
{
"name": "SUSE-SU-2016:2089",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html"
},
{
"name": "[oss-security] 20160506 CVE Request: Squid HTTP caching proxy",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/06/3"
},
{
"name": "DSA-3625",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3625"
}
]
}
}

330
2016/4xxx/CVE-2016-4580.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4580", "ID": "CVE-2016-4580",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities()", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/05/10/12" "lang": "eng",
}, "value": "The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request."
{ }
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8" ]
}, },
{ "references": {
"name" : "DSA-3607", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3607" "name": "[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities()",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2016/05/10/12"
"name" : "SUSE-SU-2016:1672", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" "name": "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8"
"name" : "openSUSE-SU-2016:1641", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" "name": "USN-3017-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3017-1"
"name" : "SUSE-SU-2016:1985", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" "name": "SUSE-SU-2016:1985",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
"name" : "USN-3016-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3016-1" "name": "USN-3017-3",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3017-3"
"name" : "USN-3016-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3016-2" "name": "USN-3018-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3018-2"
"name" : "USN-3016-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3016-3" "name": "USN-3021-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3021-2"
"name" : "USN-3016-4", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3016-4" "name": "USN-3017-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3017-2"
"name" : "USN-3017-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3017-1" "name": "USN-3019-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3019-1"
"name" : "USN-3017-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3017-2" "name": "openSUSE-SU-2016:1641",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
"name" : "USN-3017-3", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3017-3" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8"
"name" : "USN-3018-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3018-1" "name": "DSA-3607",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3607"
"name" : "USN-3018-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3018-2" "name": "USN-3016-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3016-2"
"name" : "USN-3019-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3019-1" "name": "USN-3016-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3016-1"
"name" : "USN-3020-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3020-1" "name": "SUSE-SU-2016:1672",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
"name" : "USN-3021-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3021-1" "name": "USN-3021-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3021-1"
"name" : "USN-3021-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-3021-2" "name": "USN-3018-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-3018-1"
"name" : "90528", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90528" "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
} "refsource": "CONFIRM",
] "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"
} },
} {
"name": "90528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90528"
},
{
"name": "USN-3016-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3016-3"
},
{
"name": "USN-3016-4",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3016-4"
},
{
"name": "USN-3020-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3020-1"
}
]
}
}

210
2016/4xxx/CVE-2016-4702.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4702", "ID": "CVE-2016-4702",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207141", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207141" "lang": "eng",
}, "value": "Audio in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."
{ }
"name" : "https://support.apple.com/HT207142", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207142" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207143", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207143" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT207170", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT207170" ]
}, },
{ "references": {
"name" : "APPLE-SA-2016-09-20", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" "name": "https://support.apple.com/HT207141",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT207141"
"name" : "APPLE-SA-2016-09-20-3", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" "name": "1036858",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036858"
"name" : "APPLE-SA-2016-09-20-5", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html" "name": "APPLE-SA-2016-09-20",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
"name" : "APPLE-SA-2016-09-20-6", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" "name": "APPLE-SA-2016-09-20-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
"name" : "93054", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93054" "name": "APPLE-SA-2016-09-20-5",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html"
"name" : "1036858", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036858" "name": "APPLE-SA-2016-09-20-6",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"
} },
} {
"name": "93054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93054"
},
{
"name": "https://support.apple.com/HT207170",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207170"
},
{
"name": "https://support.apple.com/HT207142",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207142"
},
{
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
}
]
}
}

196
2016/4xxx/CVE-2016-4924.json
View File

@ -1,100 +1,100 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC" : "2016-10-12T09:00", "DATE_PUBLIC": "2016-10-12T09:00",
"ID" : "CVE-2016-4924", "ID": "CVE-2016-4924",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "vMX: Information leak vulnerability" "TITLE": "vMX: Information leak vulnerability"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Junos OS", "product_name": "Junos OS",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"platform" : "vMX", "platform": "vMX",
"version_value" : "15.1 prior to 15.1F5" "version_value": "15.1 prior to 15.1F5"
}, },
{ {
"platform" : "vMX", "platform": "vMX",
"version_value" : "14.1 prior to 14.1R8" "version_value": "14.1 prior to 14.1R8"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Juniper Networks" "vendor_name": "Juniper Networks"
} }
]
}
},
"configuration" : [],
"credit" : [],
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8"
}
]
},
"exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "LOCAL",
"availabilityImpact" : "NONE",
"baseScore" : 8.4,
"baseSeverity" : "HIGH",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "NONE",
"vectorString" : "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information leak vulnerability"
}
] ]
} }
] },
}, "configuration": [],
"references" : { "credit": [],
"reference_data" : [ "data_format": "MITRE",
{ "data_type": "CVE",
"name" : "https://kb.juniper.net/JSA10766", "data_version": "4.0",
"refsource" : "CONFIRM", "description": {
"url" : "https://kb.juniper.net/JSA10766" "description_data": [
}, {
{ "lang": "eng",
"name" : "93531", "value": "An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8"
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/93531" ]
} },
] "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.",
}, "impact": {
"solution" : "This issue has been resolved in vMX 14.1R8, 15.1F5, 16.1R1 and all subsequent releases.\n\nThis issue is being tracked as PR 1129051 and is visible on the Customer Support website. ", "cvss": {
"work_around" : [ "attackComplexity": "LOW",
{ "attackVector": "LOCAL",
"lang" : "eng", "availabilityImpact": "NONE",
"value" : "Limit access to only trusted users on the host machine where vMX is deployed." "baseScore": 8.4,
} "baseSeverity": "HIGH",
] "confidentialityImpact": "HIGH",
} "integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information leak vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93531"
},
{
"name": "https://kb.juniper.net/JSA10766",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10766"
}
]
},
"solution": "This issue has been resolved in vMX 14.1R8, 15.1F5, 16.1R1 and all subsequent releases.\n\nThis issue is being tracked as PR 1129051 and is visible on the Customer Support website. ",
"work_around": [
{
"lang": "eng",
"value": "Limit access to only trusted users on the host machine where vMX is deployed."
}
]
}

150
2016/4xxx/CVE-2016-4966.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4966", "ID": "CVE-2016-4966",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf" "lang": "eng",
}, "value": "The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter."
{ }
"name" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities", ]
"refsource" : "CONFIRM", },
"url" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#724487", "description": [
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/724487" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "92781", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/92781" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf",
"refsource": "CONFIRM",
"url": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf"
},
{
"name": "VU#724487",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/724487"
},
{
"name": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities"
},
{
"name": "92781",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92781"
}
]
}
}

120
2016/5xxx/CVE-2016-5065.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-5065", "ID": "CVE-2016-5065",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2", "product_name": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2" "version_value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "command injection"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://carvesystems.com/sierra-wireless-2016-advisory.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://carvesystems.com/sierra-wireless-2016-advisory.html" "lang": "eng",
} "value": "Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "command injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://carvesystems.com/sierra-wireless-2016-advisory.html",
"refsource": "MISC",
"url": "https://carvesystems.com/sierra-wireless-2016-advisory.html"
}
]
}
}

162
2019/0xxx/CVE-2019-0547.json
View File

@ -1,83 +1,83 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2019-0547", "ID": "CVE-2019-0547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for ARM64-based Systems" "version_value": "Version 1803 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka \"Windows DHCP Client Remote Code Execution Vulnerability.\" This affects Windows 10, Windows 10 Servers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547" "lang": "eng",
}, "value": "A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka \"Windows DHCP Client Remote Code Execution Vulnerability.\" This affects Windows 10, Windows 10 Servers."
{ }
"name" : "106394", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106394" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0547"
},
{
"name": "106394",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106394"
}
]
}
}

468
2019/0xxx/CVE-2019-0577.json
View File

@ -1,236 +1,236 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "Secure@Microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2019-0577", "ID": "CVE-2019-0577",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Windows 7", "product_name": "Windows 7",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 1" "version_value": "32-bit Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012 R2", "product_name": "Windows Server 2012 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows RT 8.1", "product_name": "Windows RT 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows RT 8.1" "version_value": "Windows RT 8.1"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008", "product_name": "Windows Server 2008",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems Service Pack 2" "version_value": "32-bit Systems Service Pack 2"
}, },
{ {
"version_value" : "32-bit Systems Service Pack 2 (Server Core installation)" "version_value": "32-bit Systems Service Pack 2 (Server Core installation)"
}, },
{ {
"version_value" : "Itanium-Based Systems Service Pack 2" "version_value": "Itanium-Based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2" "version_value": "x64-based Systems Service Pack 2"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 2 (Server Core installation)" "version_value": "x64-based Systems Service Pack 2 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2019", "product_name": "Windows Server 2019",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2012", "product_name": "Windows Server 2012",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 8.1", "product_name": "Windows 8.1",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit systems" "version_value": "32-bit systems"
}, },
{ {
"version_value" : "x64-based systems" "version_value": "x64-based systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2016", "product_name": "Windows Server 2016",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "(Server Core installation)" "version_value": "(Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows Server 2008 R2", "product_name": "Windows Server 2008 R2",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Itanium-Based Systems Service Pack 1" "version_value": "Itanium-Based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1" "version_value": "x64-based Systems Service Pack 1"
}, },
{ {
"version_value" : "x64-based Systems Service Pack 1 (Server Core installation)" "version_value": "x64-based Systems Service Pack 1 (Server Core installation)"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10", "product_name": "Windows 10",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "32-bit Systems" "version_value": "32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for 32-bit Systems" "version_value": "Version 1607 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1607 for x64-based Systems" "version_value": "Version 1607 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1703 for 32-bit Systems" "version_value": "Version 1703 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1703 for x64-based Systems" "version_value": "Version 1703 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for 32-bit Systems" "version_value": "Version 1709 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1709 for ARM64-based Systems" "version_value": "Version 1709 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1709 for x64-based Systems" "version_value": "Version 1709 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for 32-bit Systems" "version_value": "Version 1803 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1803 for ARM64-based Systems" "version_value": "Version 1803 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1803 for x64-based Systems" "version_value": "Version 1803 for x64-based Systems"
}, },
{ {
"version_value" : "Version 1809 for 32-bit Systems" "version_value": "Version 1809 for 32-bit Systems"
}, },
{ {
"version_value" : "Version 1809 for ARM64-based Systems" "version_value": "Version 1809 for ARM64-based Systems"
}, },
{ {
"version_value" : "Version 1809 for x64-based Systems" "version_value": "Version 1809 for x64-based Systems"
}, },
{ {
"version_value" : "x64-based Systems" "version_value": "x64-based Systems"
} }
] ]
} }
}, },
{ {
"product_name" : "Windows 10 Servers", "product_name": "Windows 10 Servers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "version 1709 (Server Core Installation)" "version_value": "version 1709 (Server Core Installation)"
}, },
{ {
"version_value" : "version 1803 (Server Core Installation)" "version_value": "version 1803 (Server Core Installation)"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft" "vendor_name": "Microsoft"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \"Jet Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577" "lang": "eng",
}, "value": "A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \"Jet Database Engine Remote Code Execution Vulnerability.\" This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0538, CVE-2019-0575, CVE-2019-0576, CVE-2019-0578, CVE-2019-0579, CVE-2019-0580, CVE-2019-0581, CVE-2019-0582, CVE-2019-0583, CVE-2019-0584."
{ }
"name" : "106423", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106423" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106423",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106423"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0577"
}
]
}
}

34
2019/0xxx/CVE-2019-0708.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0708", "ID": "CVE-2019-0708",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0877.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0877", "ID": "CVE-2019-0877",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3177.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3177", "ID": "CVE-2019-3177",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3282.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3282", "ID": "CVE-2019-3282",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3594.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3594", "ID": "CVE-2019-3594",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4478.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4478", "ID": "CVE-2019-4478",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4671.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4671", "ID": "CVE-2019-4671",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/4xxx/CVE-2019-4817.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-4817", "ID": "CVE-2019-4817",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7784.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7784", "ID": "CVE-2019-7784",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7824.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7824", "ID": "CVE-2019-7824",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8553.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8553", "ID": "CVE-2019-8553",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8666.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8666", "ID": "CVE-2019-8666",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8716.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8716", "ID": "CVE-2019-8716",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8792.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8792", "ID": "CVE-2019-8792",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8840.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8840", "ID": "CVE-2019-8840",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9472.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9472", "ID": "CVE-2019-9472",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9602.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9602", "ID": "CVE-2019-9602",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/9xxx/CVE-2019-9769.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9769", "ID": "CVE-2019-9769",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "46531", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/46531" "lang": "eng",
} "value": "PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46531",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46531"
}
]
}
}