admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:36:56 +00:00
parent 031179c9e1
commit 8b655eac1e
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
56 changed files with 3259 additions and 3259 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

200
2007/0xxx/CVE-2007-0353.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0353", "ID": "CVE-2007-0353",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO string."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/457206/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in (1) index.php and (2) login.php in myBloggie 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO string."
{ }
"name" : "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0338.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://mywebland.com/forums/showtopic.php?t=1224", "description": [
"refsource" : "MISC", {
"url" : "http://mywebland.com/forums/showtopic.php?t=1224" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "22097", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/22097" ]
}, },
{ "references": {
"name" : "32929", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32929" "name": "mybloggie-indexlogin-xss(31554)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31554"
"name" : "32930", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32930" "name": "32930",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32930"
"name" : "1017531", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017531" "name": "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/457206/100/0/threaded"
"name" : "2155", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2155" "name": "2155",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2155"
"name" : "mybloggie-indexlogin-xss(31554)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31554" "name": "22097",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/22097"
} },
} {
"name": "http://mywebland.com/forums/showtopic.php?t=1224",
"refsource": "MISC",
"url": "http://mywebland.com/forums/showtopic.php?t=1224"
},
{
"name": "32929",
"refsource": "OSVDB",
"url": "http://osvdb.org/32929"
},
{
"name": "20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0338.html"
},
{
"name": "1017531",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017531"
}
]
}
}

170
2007/3xxx/CVE-2007-3583.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3583", "ID": "CVE-2007-3583",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in details_news.php in Girlserv ads 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the idnew parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4142", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4142" "lang": "eng",
}, "value": "SQL injection vulnerability in details_news.php in Girlserv ads 1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the idnew parameter."
{ }
"name" : "24755", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24755" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2434", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2434" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36365", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/36365" ]
}, },
{ "references": {
"name" : "25925", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25925" "name": "girlserv-detailsnews-sql-injection(35253)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35253"
"name" : "girlserv-detailsnews-sql-injection(35253)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35253" "name": "36365",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/36365"
} },
} {
"name": "24755",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24755"
},
{
"name": "ADV-2007-2434",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2434"
},
{
"name": "4142",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4142"
},
{
"name": "25925",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25925"
}
]
}
}

210
2007/3xxx/CVE-2007-3619.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3619", "ID": "CVE-2007-3619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070705 [NETRAGARD SECURITY ADVISORY][Maia Mailguard 1.0.2 Arbitrary Code Execution][NETRAGARD-20070628]", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/472886/100/0/threaded" "lang": "eng",
}, "value": "Directory traversal vulnerability in login.php in Maia Mailguard 1.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter."
{ }
"name" : "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt", ]
"refsource" : "MISC", },
"url" : "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.maiamailguard.org/maia/changeset/1184", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.maiamailguard.org/maia/changeset/1184" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.maiamailguard.org/maia/ticket/479", ]
"refsource" : "CONFIRM", }
"url" : "http://www.maiamailguard.org/maia/ticket/479" ]
}, },
{ "references": {
"name" : "24770", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24770" "name": "37884",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37884"
"name" : "ADV-2007-2456", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2456" "name": "http://www.maiamailguard.org/maia/changeset/1184",
}, "refsource": "CONFIRM",
{ "url": "http://www.maiamailguard.org/maia/changeset/1184"
"name" : "37884", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37884" "name": "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt",
}, "refsource": "MISC",
{ "url": "http://www.netragard.com/pdfs/research/NETRAGARD-20070628-MAILGUARD.txt"
"name" : "1018338", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018338" "name": "2864",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2864"
"name" : "25951", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25951" "name": "1018338",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018338"
"name" : "2864", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2864" "name": "ADV-2007-2456",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/2456"
} },
} {
"name": "20070705 [NETRAGARD SECURITY ADVISORY][Maia Mailguard 1.0.2 Arbitrary Code Execution][NETRAGARD-20070628]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472886/100/0/threaded"
},
{
"name": "http://www.maiamailguard.org/maia/ticket/479",
"refsource": "CONFIRM",
"url": "http://www.maiamailguard.org/maia/ticket/479"
},
{
"name": "24770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24770"
},
{
"name": "25951",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25951"
}
]
}
}

130
2007/3xxx/CVE-2007-3664.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3664", "ID": "CVE-2007-3664",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Eltima Software RunService ActiveX control (RunService.dll) allow remote attackers to cause a denial of service via certain functions when \"improperly used\", as demonstrated by the AcceptControls subroutine."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070707 [Eleytt] 7LIPIEC2007", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/473187" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Eltima Software RunService ActiveX control (RunService.dll) allow remote attackers to cause a denial of service via certain functions when \"improperly used\", as demonstrated by the AcceptControls subroutine."
{ }
"name" : "43776", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/43776" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070707 [Eleytt] 7LIPIEC2007",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473187"
},
{
"name": "43776",
"refsource": "OSVDB",
"url": "http://osvdb.org/43776"
}
]
}
}

170
2007/4xxx/CVE-2007-4128.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4128", "ID": "CVE-2007-4128",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in the Firestorm Technologies GMaps (com_gmaps) 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4248", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4248" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in the Firestorm Technologies GMaps (com_gmaps) 1.00 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mapId parameter in a viewmap action."
{ }
"name" : "http://firestorm-technologies.com/", ]
"refsource" : "CONFIRM", },
"url" : "http://firestorm-technologies.com/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25146", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25146" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2745", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2745" ]
}, },
{ "references": {
"name" : "39192", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39192" "name": "ADV-2007-2745",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2745"
"name" : "gmaps-mapid-sql-injection(35701)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35701" "name": "39192",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/39192"
} },
} {
"name": "4248",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4248"
},
{
"name": "http://firestorm-technologies.com/",
"refsource": "CONFIRM",
"url": "http://firestorm-technologies.com/"
},
{
"name": "25146",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25146"
},
{
"name": "gmaps-mapid-sql-injection(35701)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35701"
}
]
}
}

210
2007/4xxx/CVE-2007-4459.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4459", "ID": "CVE-2007-4459",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html" "lang": "eng",
}, "value": "Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allows remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages."
{ }
"name" : "20070820 3 messsages attack remote DOS on Cisco 7940", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070821 Multiple SIP Vulnerabilities in the Cisco 7960 IP Phones", "description": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25378", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25378" ]
}, },
{ "references": {
"name" : "ADV-2007-2928", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2928" "name": "25378",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25378"
"name" : "36695", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/36695" "name": "cisco-ipphone-sip-dos(36125)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125"
"name" : "1018591", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018591" "name": "20070821 Multiple SIP Vulnerabilities in the Cisco 7960 IP Phones",
}, "refsource": "CISCO",
{ "url": "http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml"
"name" : "26547", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26547" "name": "26547",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26547"
"name" : "3042", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3042" "name": "20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html"
"name" : "cisco-ipphone-sip-dos(36125)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36125" "name": "3042",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/3042"
} },
} {
"name": "20070820 3 messsages attack remote DOS on Cisco 7940",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html"
},
{
"name": "1018591",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018591"
},
{
"name": "ADV-2007-2928",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2928"
},
{
"name": "36695",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36695"
}
]
}
}

630
2007/4xxx/CVE-2007-4572.json
View File

@ -1,317 +1,317 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-4572", "ID": "CVE-2007-4572",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/485936/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon server requests."
{ }
"name" : "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/486859/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.vmware.com/pipermail/security-announce/2008/000002.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://us1.samba.org/samba/security/CVE-2007-4572.html", ]
"refsource" : "CONFIRM", }
"url" : "http://us1.samba.org/samba/security/CVE-2007-4572.html" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-1894", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1894" "name": "USN-544-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-544-2"
"name" : "http://docs.info.apple.com/article.html?artnum=307179", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307179" "name": "27691",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27691"
"name" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2008-0001.html" "name": "RHSA-2007:1016",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-1016.html"
"name" : "APPLE-SA-2007-12-17", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" "name": "USN-544-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/544-1/"
"name" : "DSA-1409", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1409" "name": "ADV-2007-4238",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4238"
"name" : "FEDORA-2007-3402", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html" "name": "TA07-352A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
"name" : "GLSA-200711-29", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml" "name": "30835",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30835"
"name" : "HPSBUX02316", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=120524782005154&w=2" "name": "29341",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29341"
"name" : "SSRT071495", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=120524782005154&w=2" "name": "1018954",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018954"
"name" : "HPSBUX02341", },
"refsource" : "HP", {
"url" : "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657" "name": "SSA:2007-320-01",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739"
"name" : "SSRT080075", },
"refsource" : "HP", {
"url" : "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657" "name": "HPSBUX02316",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=120524782005154&w=2"
"name" : "MDKSA-2007:224", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224" "name": "28136",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28136"
"name" : "RHSA-2007:1013", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1013.html" "name": "30736",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30736"
"name" : "RHSA-2007:1016", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1016.html" "name": "ADV-2007-3869",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3869"
"name" : "RHSA-2007:1017", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-1017.html" "name": "27679",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27679"
"name" : "SSA:2007-320-01", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.447739" "name": "27682",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27682"
"name" : "237764", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1" "name": "27701",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27701"
"name" : "SUSE-SA:2007:065", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_65_samba.html" "name": "RHSA-2007:1013",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-1013.html"
"name" : "USN-544-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/544-1/" "name": "ADV-2008-1908",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1908"
"name" : "USN-544-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-544-2" "name": "samba-nmbd-bo(38501)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501"
"name" : "USN-617-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-617-1" "name": "27720",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27720"
"name" : "TA07-352A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" "name": "SSRT071495",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=120524782005154&w=2"
"name" : "26454", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26454" "name": "HPSBUX02341",
}, "refsource": "HP",
{ "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
"name" : "oval:org.mitre.oval:def:5643", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643" "name": "30484",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30484"
"name" : "oval:org.mitre.oval:def:11132", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132" "name": "20080108 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/485936/100/0/threaded"
"name" : "ADV-2007-3869", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3869" "name": "DSA-1409",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1409"
"name" : "ADV-2007-4238", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4238" "name": "27450",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27450"
"name" : "ADV-2008-0064", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0064" "name": "27731",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27731"
"name" : "ADV-2008-0859", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0859/references" "name": "[Security-announce] 20080107 VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
}, "refsource": "MLIST",
{ "url": "http://lists.vmware.com/pipermail/security-announce/2008/000002.html"
"name" : "ADV-2008-1712", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1712/references" "name": "oval:org.mitre.oval:def:11132",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11132"
"name" : "ADV-2008-1908", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1908" "name": "SSRT080075",
}, "refsource": "HP",
{ "url": "http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c01475657"
"name" : "1018954", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018954" "name": "APPLE-SA-2007-12-17",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
"name" : "27450", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27450" "name": "MDKSA-2007:224",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:224"
"name" : "27679", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27679" "name": "27787",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27787"
"name" : "27682", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27682" "name": "http://docs.info.apple.com/article.html?artnum=307179",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=307179"
"name" : "27691", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27691" "name": "oval:org.mitre.oval:def:5643",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5643"
"name" : "27701", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27701" "name": "28368",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28368"
"name" : "27720", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27720" "name": "https://issues.rpath.com/browse/RPL-1894",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1894"
"name" : "27731", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27731" "name": "26454",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26454"
"name" : "27787", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27787" "name": "GLSA-200711-29",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-29.xml"
"name" : "27927", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27927" "name": "USN-617-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-617-1"
"name" : "28136", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28136" "name": "FEDORA-2007-3402",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00472.html"
"name" : "28368", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28368" "name": "27927",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27927"
"name" : "29341", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29341" "name": "ADV-2008-1712",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1712/references"
"name" : "30484", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30484" "name": "ADV-2008-0859",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0859/references"
"name" : "30736", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30736" "name": "237764",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237764-1"
"name" : "30835", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30835" "name": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.vmware.com/security/advisories/VMSA-2008-0001.html"
"name" : "samba-nmbd-bo(38501)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38501" "name": "http://us1.samba.org/samba/security/CVE-2007-4572.html",
} "refsource": "CONFIRM",
] "url": "http://us1.samba.org/samba/security/CVE-2007-4572.html"
} },
} {
"name": "RHSA-2007:1017",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1017.html"
},
{
"name": "ADV-2008-0064",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0064"
},
{
"name": "SUSE-SA:2007:065",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_65_samba.html"
},
{
"name": "20080123 UPDATED VMSA-2008-0001.1 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486859/100/0/threaded"
}
]
}
}

390
2007/6xxx/CVE-2007-6114.json
View File

@ -1,197 +1,197 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2007-6114", "ID": "CVE-2007-6114",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080103 rPSA-2008-0004-1 tshark wireshark", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/485792/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser."
{ }
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=199958", ]
"refsource" : "MISC", },
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=199958" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2007-03.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004", ]
"refsource" : "CONFIRM", }
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-1975", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1975" "name": "27777",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27777"
"name" : "DSA-1414", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2007/dsa-1414" "name": "https://issues.rpath.com/browse/RPL-1975",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1975"
"name" : "FEDORA-2007-4590", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html" "name": "29048",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29048"
"name" : "FEDORA-2007-4690", },
"refsource" : "FEDORA", {
"url" : "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html" "name": "26532",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26532"
"name" : "GLSA-200712-23", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200712-23.xml" "name": "http://www.wireshark.org/security/wnpa-sec-2007-03.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.wireshark.org/security/wnpa-sec-2007-03.html"
"name" : "MDVSA-2008:001", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001" "name": "28564",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28564"
"name" : "MDVSA-2008:1", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1" "name": "20080103 rPSA-2008-0004-1 tshark wireshark",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/485792/100/0/threaded"
"name" : "RHSA-2008:0058", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0058.html" "name": "GLSA-200712-23",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200712-23.xml"
"name" : "RHSA-2008:0059", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0059.html" "name": "RHSA-2008:0059",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0059.html"
"name" : "SUSE-SR:2008:004", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html" "name": "28304",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28304"
"name" : "26532", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26532" "name": "1018988",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018988"
"name" : "oval:org.mitre.oval:def:10708", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10708" "name": "DSA-1414",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2007/dsa-1414"
"name" : "ADV-2007-3956", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3956" "name": "FEDORA-2007-4690",
}, "refsource": "FEDORA",
{ "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00712.html"
"name" : "1018988", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018988" "name": "28325",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28325"
"name" : "27777", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27777" "name": "MDVSA-2008:1",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:1"
"name" : "27817", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27817" "name": "MDVSA-2008:001",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:001"
"name" : "28197", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28197" "name": "RHSA-2008:0058",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2008-0058.html"
"name" : "28288", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28288" "name": "SUSE-SR:2008:004",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.html"
"name" : "28304", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28304" "name": "http://bugs.gentoo.org/show_bug.cgi?id=199958",
}, "refsource": "MISC",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=199958"
"name" : "28207", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28207" "name": "28583",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28583"
"name" : "28325", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28325" "name": "ADV-2007-3956",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3956"
"name" : "28564", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28564" "name": "28197",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28197"
"name" : "28583", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28583" "name": "28288",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28288"
"name" : "29048", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29048" "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004",
} "refsource": "CONFIRM",
] "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004"
} },
} {
"name": "28207",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28207"
},
{
"name": "oval:org.mitre.oval:def:10708",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10708"
},
{
"name": "FEDORA-2007-4590",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00606.html"
},
{
"name": "27817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27817"
}
]
}
}

160
2007/6xxx/CVE-2007-6659.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6659", "ID": "CVE-2007-6659",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an addnews action to the default URI; (3) the content parameter in a pm write action to 2z/admin.php; (4) the referer parameter to templates/default/usermenu.tpl, accessed through index.php; or the (5) newavatar or (6) newphoto parameter in a profile action to the default URI under 2z/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071228 2z-project 0.9.6.1 Multiple Security Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/485590/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in 2z project 0.9.6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) contentshort or (2) contentfull parameter in an addnews action to the default URI; (3) the content parameter in a pm write action to 2z/admin.php; (4) the referer parameter to templates/default/usermenu.tpl, accessed through index.php; or the (5) newavatar or (6) newphoto parameter in a profile action to the default URI under 2z/."
{ }
"name" : "http://2z-project.ru/forum/viewtopic.php?pid=8309", ]
"refsource" : "CONFIRM", },
"url" : "http://2z-project.ru/forum/viewtopic.php?pid=8309" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "27057", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/27057" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "28244", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/28244" ]
}, },
{ "references": {
"name" : "3514", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3514" "name": "27057",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/27057"
} },
} {
"name": "3514",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3514"
},
{
"name": "20071228 2z-project 0.9.6.1 Multiple Security Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485590/100/0/threaded"
},
{
"name": "28244",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28244"
},
{
"name": "http://2z-project.ru/forum/viewtopic.php?pid=8309",
"refsource": "CONFIRM",
"url": "http://2z-project.ru/forum/viewtopic.php?pid=8309"
}
]
}
}

34
2014/1xxx/CVE-2014-1617.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1617", "ID": "CVE-2014-1617",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2014/1xxx/CVE-2014-1647.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@symantec.com",
"ID" : "CVE-2014-1647", "ID": "CVE-2014-1647",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00" "lang": "eng",
}, "value": "Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate."
{ }
"name" : "67020", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/67020" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67020"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140423_00"
}
]
}
}

34
2014/1xxx/CVE-2014-1952.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1952", "ID": "CVE-2014-1952",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2014/5xxx/CVE-2014-5260.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2014-5260", "ID": "CVE-2014-5260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140815 Re: CVE Request: XML-DT: Insecure use of temporary files", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2014/08/15/8" "lang": "eng",
}, "value": "The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file."
{ }
"name" : "https://bugs.debian.org/756566", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.debian.org/756566" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes", ]
"refsource" : "CONFIRM", }
"url" : "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes",
"refsource": "CONFIRM",
"url": "https://metacpan.org/source/AMBS/XML-DT-0.66/Changes"
},
{
"name": "https://bugs.debian.org/756566",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/756566"
},
{
"name": "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/",
"refsource": "CONFIRM",
"url": "https://metacpan.org/diff/file?target=AMBS/XML-DT-0.64/&source=AMBS/XML-DT-0.63/"
},
{
"name": "[oss-security] 20140815 Re: CVE Request: XML-DT: Insecure use of temporary files",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/08/15/8"
}
]
}
}

130
2014/5xxx/CVE-2014-5414.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-5414", "ID": "CVE-2014-5414",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02" "lang": "eng",
}, "value": "Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT components do not restrict the number of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack."
{ }
"name" : "93349", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93349" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93349",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93349"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-278-02"
}
]
}
}

140
2014/5xxx/CVE-2014-5828.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5828", "ID": "CVE-2014-5828",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The 3Kundenzone (aka com.hutchison3g.at.android.selfcare) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The 3Kundenzone (aka com.hutchison3g.at.android.selfcare) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#719249", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/719249" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#719249",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/719249"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5835.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5835", "ID": "CVE-2014-5835",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Club Personal (aka com.globant.clubpersonal) application 2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Club Personal (aka com.globant.clubpersonal) application 2.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#476281", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/476281" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#476281",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/476281"
}
]
}
}

140
2014/5xxx/CVE-2014-5928.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5928", "ID": "CVE-2014-5928",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Steganos Online Shield VPN (aka com.steganos.onlineshield) application 1.0.3 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#425065", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/425065" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#425065",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/425065"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/5xxx/CVE-2014-5933.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5933", "ID": "CVE-2014-5933",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Coke Studio 7 (aka com.cokeshare.pakistan) application 1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#152089", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/152089" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#152089",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/152089"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

190
2015/2xxx/CVE-2015-2678.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2678", "ID": "CVE-2015-2678",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "36321", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/36321" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php."
{ }
"name" : "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17", ]
"refsource" : "MISC", },
"url" : "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php", ]
"refsource" : "MISC", }
"url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php" ]
}, },
{ "references": {
"name" : "https://github.com/semplon/GeniXCMS/issues/7", "reference_data": [
"refsource" : "MISC", {
"url" : "https://github.com/semplon/GeniXCMS/issues/7" "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php",
}, "refsource": "MISC",
{ "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5233.php"
"name" : "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815" "name": "73301",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/73301"
"name" : "73301", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/73301" "name": "https://github.com/semplon/GeniXCMS/issues/7",
}, "refsource": "MISC",
{ "url": "https://github.com/semplon/GeniXCMS/issues/7"
"name" : "119394", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/show/osvdb/119394" "name": "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17",
} "refsource": "MISC",
] "url": "http://blog.metalgenix.com/genixcms-v0-0-2-release-security-and-bug-fixes/17"
} },
} {
"name": "36321",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/36321"
},
{
"name": "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815",
"refsource": "CONFIRM",
"url": "https://github.com/semplon/GeniXCMS/commit/698245488343396185b1b49e7482ee5b25541815"
},
{
"name": "119394",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/119394"
},
{
"name": "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130771/GeniXCMS-0.0.1-Cross-Site-Scripting.html"
}
]
}
}

150
2015/6xxx/CVE-2015-6015.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-6015", "ID": "CVE-2015-6015",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted Paradox DB file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2016-0432. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this issue is a stack-based buffer overflow in Oracle Outside In 8.5.2 and earlier, which allows remote attackers to execute arbitrary code via a crafted Paradox DB file."
{ }
"name" : "VU#916896", ]
"refsource" : "CERT-VN", },
"url" : "https://www.kb.cert.org/vuls/id/916896" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "81243", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/81243" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034711", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034711" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "VU#916896",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/916896"
},
{
"name": "1034711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034711"
},
{
"name": "81243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81243"
}
]
}
}

34
2015/6xxx/CVE-2015-6208.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6208", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6208",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

210
2015/6xxx/CVE-2015-6777.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2015-6777", "ID": "CVE-2015-6777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Source/core/dom/ContainerNode.cpp in the DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOMCharacterDataModified events for certain detached-subtree insertions."
{ }
"name" : "https://code.google.com/p/chromium/issues/detail?id=544020", ]
"refsource" : "CONFIRM", },
"url" : "https://code.google.com/p/chromium/issues/detail?id=544020" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://codereview.chromium.org/1420653003/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://codereview.chromium.org/1420653003/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3415", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2015/dsa-3415" ]
}, },
{ "references": {
"name" : "GLSA-201603-09", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-09" "name": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html"
"name" : "openSUSE-SU-2015:2290", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html" "name": "USN-2825-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2825-1"
"name" : "openSUSE-SU-2015:2291", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html" "name": "https://codereview.chromium.org/1420653003/",
}, "refsource": "CONFIRM",
{ "url": "https://codereview.chromium.org/1420653003/"
"name" : "USN-2825-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2825-1" "name": "openSUSE-SU-2015:2290",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00016.html"
"name" : "78416", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/78416" "name": "https://code.google.com/p/chromium/issues/detail?id=544020",
}, "refsource": "CONFIRM",
{ "url": "https://code.google.com/p/chromium/issues/detail?id=544020"
"name" : "1034298", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034298" "name": "GLSA-201603-09",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201603-09"
} },
} {
"name": "78416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78416"
},
{
"name": "DSA-3415",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3415"
},
{
"name": "openSUSE-SU-2015:2291",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00017.html"
},
{
"name": "1034298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034298"
}
]
}
}

34
2015/6xxx/CVE-2015-6958.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6958", "ID": "CVE-2015-6958",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2016/0xxx/CVE-2016-0495.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0495", "ID": "CVE-2016-0495",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core."
{ }
"name" : "DSA-3454", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2016/dsa-3454" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "81214", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/81214" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1034731", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1034731" ]
} },
] "references": {
} "reference_data": [
} {
"name": "1034731",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034731"
},
{
"name": "DSA-3454",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3454"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "81214",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/81214"
}
]
}
}

34
2016/0xxx/CVE-2016-0621.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-0621", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-0621",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

34
2016/1000xxx/CVE-2016-1000110.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000110", "ID": "CVE-2016-1000110",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

160
2016/10xxx/CVE-2016-10064.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10064", "ID": "CVE-2016-10064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/12/26/9" "lang": "eng",
}, "value": "Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410478", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410478" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2017:0391", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html" ]
}, },
{ "references": {
"name" : "95211", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95211" "name": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288",
} "refsource": "CONFIRM",
] "url": "https://github.com/ImageMagick/ImageMagick/commit/f8877abac8e568b2f339cca70c2c3c1b6eaec288"
} },
} {
"name": "openSUSE-SU-2017:0391",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2017-02/msg00028.html"
},
{
"name": "95211",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95211"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410478"
},
{
"name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/26/9"
}
]
}
}

130
2016/10xxx/CVE-2016-10379.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10379", "ID": "CVE-2016-10379",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html" "lang": "eng",
}, "value": "The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php."
{ }
"name" : "98753", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98753" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98753"
},
{
"name": "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html",
"refsource": "MISC",
"url": "http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html"
}
]
}
}

140
2016/4xxx/CVE-2016-4260.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4260", "ID": "CVE-2016-4260",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261, and CVE-2016-4262."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html" "lang": "eng",
}, "value": "Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261, and CVE-2016-4262."
{ }
"name" : "92928", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92928" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036793", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036793" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1036793",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036793"
},
{
"name": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html"
},
{
"name": "92928",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92928"
}
]
}
}

140
2016/4xxx/CVE-2016-4498.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2016-4498", "ID": "CVE-2016-4498",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-332/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-332/" "lang": "eng",
}, "value": "Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows local users to cause a denial of service or possibly have unspecified other impact via unknown vectors."
{ }
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01", ]
"refsource" : "MISC", },
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "90521", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/90521" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "90521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90521"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-131-01"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-16-332/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-332/"
}
]
}
}

190
2016/4xxx/CVE-2016-4611.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4611", "ID": "CVE-2016-4611",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207142", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207142" "lang": "eng",
}, "value": "WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2016-4730, CVE-2016-4733, CVE-2016-4734, and CVE-2016-4735."
{ }
"name" : "https://support.apple.com/HT207143", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207143" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207157", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207157" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2016-09-20-2", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2016-09-20-3", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" "name": "APPLE-SA-2016-09-20-3",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
"name" : "APPLE-SA-2016-09-20-6", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html" "name": "https://support.apple.com/HT207157",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT207157"
"name" : "93057", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93057" "name": "APPLE-SA-2016-09-20-6",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"
"name" : "1036854", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036854" "name": "1036854",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1036854"
} },
} {
"name": "https://support.apple.com/HT207142",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207142"
},
{
"name": "https://support.apple.com/HT207143",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207143"
},
{
"name": "93057",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93057"
},
{
"name": "APPLE-SA-2016-09-20-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html"
}
]
}
}

180
2016/4xxx/CVE-2016-4669.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4669", "ID": "CVE-2016-4669",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the \"Kernel\" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "40654", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/40654/" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10.12.1 is affected. tvOS before 10.0.1 is affected. watchOS before 3.1 is affected. The issue involves the \"Kernel\" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (MIG code mishandling and system crash) via unspecified vectors."
{ }
"name" : "https://support.apple.com/HT207269", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207269" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207270", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207270" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT207271", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT207271" ]
}, },
{ "references": {
"name" : "https://support.apple.com/HT207275", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207275" "name": "https://support.apple.com/HT207271",
}, "refsource": "CONFIRM",
{ "url": "https://support.apple.com/HT207271"
"name" : "93849", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93849" "name": "1037086",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037086"
"name" : "1037086", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037086" "name": "93849",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/93849"
} },
} {
"name": "https://support.apple.com/HT207269",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207269"
},
{
"name": "https://support.apple.com/HT207270",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207270"
},
{
"name": "https://support.apple.com/HT207275",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207275"
},
{
"name": "40654",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40654/"
}
]
}
}

140
2016/4xxx/CVE-2016-4678.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4678", "ID": "CVE-2016-4678",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the \"AppleSMC\" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207275", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207275" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. macOS before 10.12.1 is affected. The issue involves the \"AppleSMC\" component. It allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors."
{ }
"name" : "93852", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93852" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037086", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037086" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1037086",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037086"
},
{
"name": "93852",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93852"
},
{
"name": "https://support.apple.com/HT207275",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207275"
}
]
}
}

150
2016/4xxx/CVE-2016-4968.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4968", "ID": "CVE-2016-4968",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf" "lang": "eng",
}, "value": "The linkreport/tmp/admin_global page in Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users to discover administrator cookies via a GET request."
{ }
"name" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities", ]
"refsource" : "CONFIRM", },
"url" : "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#724487", "description": [
"refsource" : "CERT-VN", {
"url" : "https://www.kb.cert.org/vuls/id/724487" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "92779", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/92779" ]
} },
] "references": {
} "reference_data": [
} {
"name": "92779",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92779"
},
{
"name": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf",
"refsource": "CONFIRM",
"url": "http://docs.fortinet.com/uploaded/files/3236/fortiwan-v4.2.5-release-notes.pdf"
},
{
"name": "VU#724487",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/724487"
},
{
"name": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/fortiwan-multiple-vulnerabilities"
}
]
}
}

130
2016/9xxx/CVE-2016-9049.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"ID" : "CVE-2016-9049", "ID": "CVE-2016-9049",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Database Server", "product_name": "Database Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.10.0.3" "version_value": "3.10.0.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Aerospike" "vendor_name": "Aerospike"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "remote code execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0263/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0263/" "lang": "eng",
}, "value": "An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability."
{ }
"name" : "96376", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/96376" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0263/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0263/"
},
{
"name": "96376",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96376"
}
]
}
}

152
2016/9xxx/CVE-2016-9076.json
View File

@ -1,78 +1,78 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-9076", "ID": "CVE-2016-9076",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "50" "version_value": "50"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue where a \"<select>\" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "select dropdown menu can be used for URL bar spoofing on e10s"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1276976", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1276976" "lang": "eng",
}, "value": "An issue where a \"<select>\" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "94337", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94337" "lang": "eng",
}, "value": "select dropdown menu can be used for URL bar spoofing on e10s"
{ }
"name" : "1037298", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id/1037298" ]
} },
] "references": {
} "reference_data": [
} {
"name": "94337",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94337"
},
{
"name": "1037298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037298"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1276976",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1276976"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-89/"
}
]
}
}

34
2016/9xxx/CVE-2016-9255.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9255", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9255",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none."
} }
] ]
} }
} }

34
2016/9xxx/CVE-2016-9300.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9300", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9300",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2106.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2106", "ID": "CVE-2019-2106",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2727.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2727", "ID": "CVE-2019-2727",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3039.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3039", "ID": "CVE-2019-3039",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3120.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3120", "ID": "CVE-2019-3120",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3451.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3451", "ID": "CVE-2019-3451",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3709.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3709", "ID": "CVE-2019-3709",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6277.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6277", "ID": "CVE-2019-6277",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6355.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6355", "ID": "CVE-2019-6355",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6916.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6916", "ID": "CVE-2019-6916",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6971.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6971", "ID": "CVE-2019-6971",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/7xxx/CVE-2019-7340.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7340", "ID": "CVE-2019-7340",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ZoneMinder/zoneminder/issues/2462", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/ZoneMinder/zoneminder/issues/2462" "lang": "eng",
} "value": "POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ZoneMinder/zoneminder/issues/2462",
"refsource": "MISC",
"url": "https://github.com/ZoneMinder/zoneminder/issues/2462"
}
]
}
}

130
2019/7xxx/CVE-2019-7390.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7390", "ID": "CVE-2019-7390",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/leonW7/D-Link/blob/master/Vul_5.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/leonW7/D-Link/blob/master/Vul_5.md" "lang": "eng",
}, "value": "An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API."
{ }
"name" : "106855", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106855" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/leonW7/D-Link/blob/master/Vul_5.md",
"refsource": "MISC",
"url": "https://github.com/leonW7/D-Link/blob/master/Vul_5.md"
},
{
"name": "106855",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106855"
}
]
}
}

34
2019/7xxx/CVE-2019-7833.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7833", "ID": "CVE-2019-7833",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8215.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8215", "ID": "CVE-2019-8215",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8221.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8221", "ID": "CVE-2019-8221",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8682.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8682", "ID": "CVE-2019-8682",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8774.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8774", "ID": "CVE-2019-8774",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9425.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9425", "ID": "CVE-2019-9425",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }