admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:19:20 +00:00
parent 6b8783be5e
commit 93b90f1d5a
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 3582 additions and 3582 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
2007/0xxx/CVE-2007-0561.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0561", "ID": "CVE-2007-0561",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) admin_linkdb.php, (2) admin_forum_prune.php, (3) admin_extensions.php, (4) admin_board.php, (5) admin_attachments.php, or (6) admin_users.php in admin/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070125 Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458059/100/0/threaded" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) admin_linkdb.php, (2) admin_forum_prune.php, (3) admin_extensions.php, (4) admin_board.php, (5) admin_attachments.php, or (6) admin_users.php in admin/."
{ }
"name" : "3192", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/3192" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22227", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22227" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0338", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0338" ]
}, },
{ "references": {
"name" : "31634", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31634" "name": "31977",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/31977"
"name" : "31977", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31977" "name": "23952",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23952"
"name" : "31978", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31978" "name": "31978",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/31978"
"name" : "31979", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31979" "name": "22227",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22227"
"name" : "31980", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31980" "name": "xero-multiple-scripts-file-include(31767)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31767"
"name" : "31981", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31981" "name": "3192",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/3192"
"name" : "23952", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23952" "name": "31980",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/31980"
"name" : "xero-multiple-scripts-file-include(31767)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31767" "name": "ADV-2007-0338",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/0338"
} },
} {
"name": "31634",
"refsource": "OSVDB",
"url": "http://osvdb.org/31634"
},
{
"name": "31979",
"refsource": "OSVDB",
"url": "http://osvdb.org/31979"
},
{
"name": "31981",
"refsource": "OSVDB",
"url": "http://osvdb.org/31981"
},
{
"name": "20070125 Xero Portal v1.2 (phpbb_root_path) Remote File Include Vulnerablity",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458059/100/0/threaded"
}
]
}
}

250
2007/0xxx/CVE-2007-0675.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0675", "ID": "CVE-2007-0675",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[dailydave] 20070130 Vista speach recognition", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html" "lang": "eng",
}, "value": "A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer."
{ }
"name" : "[dailydave] 20070130 Vista speach recognition", ]
"refsource" : "MLIST", },
"url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[dailydave] 20070130 Vista speach recognition", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[dailydave] 20070131 Vista speach recognition", ]
"refsource" : "MLIST", }
"url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html" ]
}, },
{ "references": {
"name" : "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx", "reference_data": [
"refsource" : "MISC", {
"url" : "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx" "name": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx",
}, "refsource": "MISC",
{ "url": "http://blogs.technet.com/msrc/archive/2007/01/31/issue-regarding-windows-vista-speech-recognition.aspx"
"name" : "HPSBST02344", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=121380194923597&w=2" "name": "30578",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/30578"
"name" : "SSRT080087", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=121380194923597&w=2" "name": "[dailydave] 20070131 Vista speach recognition",
}, "refsource": "MLIST",
{ "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004012.html"
"name" : "MS08-032", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032" "name": "22359",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22359"
"name" : "TA08-162B", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA08-162B.html" "name": "TA08-162B",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA08-162B.html"
"name" : "22359", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22359" "name": "oval:org.mitre.oval:def:5489",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489"
"name" : "oval:org.mitre.oval:def:5489", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5489" "name": "HPSBST02344",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"
"name" : "ADV-2008-1779", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1779/references" "name": "[dailydave] 20070130 Vista speach recognition",
}, "refsource": "MLIST",
{ "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004007.html"
"name" : "1020232", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1020232" "name": "SSRT080087",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=121380194923597&w=2"
"name" : "30578", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30578" "name": "1020232",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1020232"
} },
} {
"name": "ADV-2008-1779",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1779/references"
},
{
"name": "MS08-032",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-032"
},
{
"name": "[dailydave] 20070130 Vista speach recognition",
"refsource": "MLIST",
"url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004003.html"
},
{
"name": "[dailydave] 20070130 Vista speach recognition",
"refsource": "MLIST",
"url": "http://lists.immunitysec.com/pipermail/dailydave/2007-January/004005.html"
}
]
}
}

170
2007/0xxx/CVE-2007-0978.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0978", "ID": "CVE-2007-0978",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "IY94901", "description_data": [
"refsource" : "AIXAPAR", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94901" "lang": "eng",
}, "value": "Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data."
{ }
"name" : "ADV-2007-0617", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2007/0617" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "33200", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33200" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1017656", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1017656" ]
}, },
{ "references": {
"name" : "24154", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24154" "name": "1017656",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1017656"
"name" : "aix-swcons-bo(32508)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32508" "name": "24154",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24154"
} },
} {
"name": "33200",
"refsource": "OSVDB",
"url": "http://osvdb.org/33200"
},
{
"name": "ADV-2007-0617",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0617"
},
{
"name": "IY94901",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94901"
},
{
"name": "aix-swcons-bo(32508)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32508"
}
]
}
}

180
2007/3xxx/CVE-2007-3205.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3205", "ID": "CVE-2007-3205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070612 PHP parse_str() arbitrary variable overwrite", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471178/100/0/threaded" "lang": "eng",
}, "value": "The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin."
{ }
"name" : "20070612 Re: PHP parse_str() arbitrary variable overwrite", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/471204/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070613 Re: PHP parse_str() arbitrary variable overwrite", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/471275/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.acid-root.new.fr/advisories/14070612.txt", ]
"refsource" : "MISC", }
"url" : "http://www.acid-root.new.fr/advisories/14070612.txt" ]
}, },
{ "references": {
"name" : "39834", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39834" "name": "39834",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39834"
"name" : "2800", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2800" "name": "2800",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2800"
"name" : "php-parsestr-code-execution(34836)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34836" "name": "20070612 Re: PHP parse_str() arbitrary variable overwrite",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/471204/100/0/threaded"
} },
} {
"name": "php-parsestr-code-execution(34836)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34836"
},
{
"name": "20070613 Re: PHP parse_str() arbitrary variable overwrite",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471275/100/0/threaded"
},
{
"name": "http://www.acid-root.new.fr/advisories/14070612.txt",
"refsource": "MISC",
"url": "http://www.acid-root.new.fr/advisories/14070612.txt"
},
{
"name": "20070612 PHP parse_str() arbitrary variable overwrite",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471178/100/0/threaded"
}
]
}
}

150
2007/3xxx/CVE-2007-3232.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3232", "ID": "CVE-2007-3232",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070612 using matasano's blackbag/deezee to find 0day and stuff", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0244.html" "lang": "eng",
}, "value": "The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000."
{ }
"name" : "24452", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24452" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "41610", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/41610" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ibm-totalstorage-blankpassword-weak-security(34967)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34967" ]
} },
] "references": {
} "reference_data": [
} {
"name": "24452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24452"
},
{
"name": "ibm-totalstorage-blankpassword-weak-security(34967)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34967"
},
{
"name": "20070612 using matasano's blackbag/deezee to find 0day and stuff",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0244.html"
},
{
"name": "41610",
"refsource": "OSVDB",
"url": "http://osvdb.org/41610"
}
]
}
}

410
2007/3xxx/CVE-2007-3456.json
View File

@ -1,207 +1,207 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3456", "ID": "CVE-2007-3456",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an \"input validation error,\" including a signed comparison of values that are assumed to be non-negative."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070713 [MSA01110707] Flash Player/Plugin Video file parsing Remote CodeExecution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/473655/100/0/threaded" "lang": "eng",
}, "value": "Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a (1) Long string or (2) XML variable type in a crafted (a) FLV or (b) SWF file, related to an \"input validation error,\" including a signed comparison of values that are assumed to be non-negative."
{ }
"name" : "20070719 Wii's Internet Channel affected to Flash FLV parser vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/474163/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070720 FLEA-2007-0032-1: flashplayer", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/474248/30/5760/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.mindedsecurity.com/labs/advisories/MSA01110707", ]
"refsource" : "MISC", }
"url" : "http://www.mindedsecurity.com/labs/advisories/MSA01110707" ]
}, },
{ "references": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb07-12.html" "name": "28068",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28068"
"name" : "http://docs.info.apple.com/article.html?artnum=307041", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307041" "name": "1018359",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1018359"
"name" : "APPLE-SA-2007-11-14", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" "name": "RHSA-2007:0696",
}, "refsource": "REDHAT",
{ "url": "https://rhn.redhat.com/errata/RHSA-2007-0696.html"
"name" : "GLSA-200708-01", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml" "name": "26357",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26357"
"name" : "RHSA-2007:0696", },
"refsource" : "REDHAT", {
"url" : "https://rhn.redhat.com/errata/RHSA-2007-0696.html" "name": "SUSE-SA:2007:046",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html"
"name" : "103167", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1" "name": "201506",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1"
"name" : "201506", },
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201506-1" "name": "38054",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/38054"
"name" : "SUSE-SA:2007:046", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_46_flashplayer.html" "name": "ADV-2007-4190",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4190"
"name" : "TA07-192A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-192A.html" "name": "26444",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26444"
"name" : "TA07-319A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" "name": "GLSA-200708-01",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-01.xml"
"name" : "VU#730785", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/730785" "name": "26027",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26027"
"name" : "24856", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/24856" "name": "flashplayer-swf-code-execution(35337)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35337"
"name" : "26444", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26444" "name": "TA07-192A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-192A.html"
"name" : "38054", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38054" "name": "http://www.mindedsecurity.com/labs/advisories/MSA01110707",
}, "refsource": "MISC",
{ "url": "http://www.mindedsecurity.com/labs/advisories/MSA01110707"
"name" : "oval:org.mitre.oval:def:11493", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11493" "name": "26118",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26118"
"name" : "ADV-2007-2497", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2497" "name": "oval:org.mitre.oval:def:11493",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11493"
"name" : "ADV-2007-3868", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3868" "name": "APPLE-SA-2007-11-14",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
"name" : "ADV-2007-4190", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/4190" "name": "http://docs.info.apple.com/article.html?artnum=307041",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=307041"
"name" : "1018359", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018359" "name": "VU#730785",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/730785"
"name" : "26027", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26027" "name": "20070713 [MSA01110707] Flash Player/Plugin Video file parsing Remote CodeExecution",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/473655/100/0/threaded"
"name" : "26057", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26057" "name": "ADV-2007-3868",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3868"
"name" : "26118", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26118" "name": "24856",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/24856"
"name" : "26357", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26357" "name": "ADV-2007-2497",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2497"
"name" : "27643", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27643" "name": "20070720 FLEA-2007-0032-1: flashplayer",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/474248/30/5760/threaded"
"name" : "28068", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28068" "name": "103167",
}, "refsource": "SUNALERT",
{ "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103167-1"
"name" : "flashplayer-swf-code-execution(35337)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35337" "name": "27643",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/27643"
} },
} {
"name": "26057",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26057"
},
{
"name": "20070719 Wii's Internet Channel affected to Flash FLV parser vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474163/100/200/threaded"
},
{
"name": "TA07-319A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb07-12.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb07-12.html"
}
]
}
}

140
2007/3xxx/CVE-2007-3599.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3599", "ID": "CVE-2007-3599",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9" "lang": "eng",
}, "value": "vtiger CRM before 5.0.3 allows remote authenticated users to import and export the information for a contact even when they only have the View permission."
{ }
"name" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968", ]
"refsource" : "CONFIRM", },
"url" : "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "45781", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/45781" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968",
"refsource": "CONFIRM",
"url": "http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/2968"
},
{
"name": "45781",
"refsource": "OSVDB",
"url": "http://osvdb.org/45781"
},
{
"name": "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9",
"refsource": "CONFIRM",
"url": "http://trac.vtiger.com/cgi-bin/trac.cgi/report/9"
}
]
}
}

190
2007/3xxx/CVE-2007-3689.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3689", "ID": "CVE-2007-3689",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://drupal.org/node/152804", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/152804" "lang": "eng",
}, "value": "The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments."
{ }
"name" : "http://drupal.org/node/158029", ]
"refsource" : "CONFIRM", },
"url" : "http://drupal.org/node/158029" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://drupal.org/node/158032", "description": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/158032" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "24862", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/24862" ]
}, },
{ "references": {
"name" : "ADV-2007-2470", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2470" "name": "http://drupal.org/node/158032",
}, "refsource": "CONFIRM",
{ "url": "http://drupal.org/node/158032"
"name" : "37897", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37897" "name": "25978",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25978"
"name" : "25978", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25978" "name": "ADV-2007-2470",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2470"
"name" : "printfriendlypages-url-security-bypass(35314)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314" "name": "24862",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/24862"
} },
} {
"name": "printfriendlypages-url-security-bypass(35314)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35314"
},
{
"name": "37897",
"refsource": "OSVDB",
"url": "http://osvdb.org/37897"
},
{
"name": "http://drupal.org/node/158029",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/158029"
},
{
"name": "http://drupal.org/node/152804",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/152804"
}
]
}
}

320
2007/3xxx/CVE-2007-3997.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3997", "ID": "CVE-2007-3997",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4392", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4392" "lang": "eng",
}, "value": "The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE."
{ }
"name" : "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/", ]
"refsource" : "MISC", },
"url" : "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.php.net/ChangeLog-5.php#5.2.4", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-5.php#5.2.4" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.php.net/releases/5_2_4.php", ]
"refsource" : "CONFIRM", }
"url" : "http://www.php.net/releases/5_2_4.php" ]
}, },
{ "references": {
"name" : "https://issues.rpath.com/browse/RPL-1702", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1702" "name": "php-localinfile-mysql-security-bypass(39402)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402"
"name" : "https://issues.rpath.com/browse/RPL-1693", },
"refsource" : "CONFIRM", {
"url" : "https://issues.rpath.com/browse/RPL-1693" "name": "26822",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26822"
"name" : "http://www.php.net/ChangeLog-4.php", },
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/ChangeLog-4.php" "name": "ADV-2008-0059",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0059"
"name" : "http://www.php.net/releases/4_4_8.php", },
"refsource" : "CONFIRM", {
"url" : "http://www.php.net/releases/4_4_8.php" "name": "GLSA-200710-02",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml"
"name" : "GLSA-200710-02", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml" "name": "http://www.php.net/releases/4_4_8.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/releases/4_4_8.php"
"name" : "2007-0026", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2007/0026/" "name": "http://www.php.net/ChangeLog-5.php#5.2.4",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-5.php#5.2.4"
"name" : "ADV-2007-3023", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3023" "name": "2007-0026",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2007/0026/"
"name" : "26642", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26642" "name": "https://issues.rpath.com/browse/RPL-1693",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1693"
"name" : "26822", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26822" "name": "3102",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/3102"
"name" : "26838", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26838" "name": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/",
}, "refsource": "MISC",
{ "url": "http://secweb.se/en/advisories/php-mysql-safe-mode-bypass-vulnerability/"
"name" : "27377", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27377" "name": "https://issues.rpath.com/browse/RPL-1702",
}, "refsource": "CONFIRM",
{ "url": "https://issues.rpath.com/browse/RPL-1702"
"name" : "27102", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27102" "name": "26838",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26838"
"name" : "28318", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28318" "name": "php-local-infile-security-bypass(36384)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384"
"name" : "3102", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3102" "name": "27377",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27377"
"name" : "ADV-2008-0059", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0059" "name": "4392",
}, "refsource": "EXPLOIT-DB",
{ "url": "https://www.exploit-db.com/exploits/4392"
"name" : "php-local-infile-security-bypass(36384)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36384" "name": "http://www.php.net/ChangeLog-4.php",
}, "refsource": "CONFIRM",
{ "url": "http://www.php.net/ChangeLog-4.php"
"name" : "php-localinfile-mysql-security-bypass(39402)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39402" "name": "27102",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/27102"
} },
} {
"name": "ADV-2007-3023",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3023"
},
{
"name": "http://www.php.net/releases/5_2_4.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/releases/5_2_4.php"
},
{
"name": "28318",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28318"
},
{
"name": "26642",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26642"
}
]
}
}

34
2007/4xxx/CVE-2007-4274.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2007-4274", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2007-4274",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4275. Reason: This candidate is a reservation duplicate of CVE-2007-4275. Notes: All CVE users should reference CVE-2007-4275 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4275. Reason: This candidate is a reservation duplicate of CVE-2007-4275. Notes: All CVE users should reference CVE-2007-4275 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

190
2007/4xxx/CVE-2007-4693.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4693", "ID": "CVE-2007-4693",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to \"handling of keyboard focus between secure text fields.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://docs.info.apple.com/article.html?artnum=307041", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=307041" "lang": "eng",
}, "value": "The SecurityAgent component in Mac OS X 10.4 through 10.4.10 allows attackers with physical access to bypass the authentication dialog of the screen saver and send keystrokes to a process, related to \"handling of keyboard focus between secure text fields.\""
{ }
"name" : "APPLE-SA-2007-11-14", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "TA07-319A", "description": [
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "26444", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/26444" ]
}, },
{ "references": {
"name" : "ADV-2007-3868", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3868" "name": "26444",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/26444"
"name" : "1018951", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018951" "name": "1018951",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018951"
"name" : "27643", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27643" "name": "APPLE-SA-2007-11-14",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html"
"name" : "macosx-securityagent-screensaver-bypass(38480)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38480" "name": "http://docs.info.apple.com/article.html?artnum=307041",
} "refsource": "CONFIRM",
] "url": "http://docs.info.apple.com/article.html?artnum=307041"
} },
} {
"name": "macosx-securityagent-screensaver-bypass(38480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38480"
},
{
"name": "ADV-2007-3868",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3868"
},
{
"name": "27643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27643"
},
{
"name": "TA07-319A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html"
}
]
}
}

160
2007/4xxx/CVE-2007-4763.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4763", "ID": "CVE-2007-4763",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.php in PHP Object Framework (PHPOF) 20040226 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPOF_INCLUDE_PATH parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4363", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4363" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in dbmodules/DB_adodb.class.php in PHP Object Framework (PHPOF) 20040226 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPOF_INCLUDE_PATH parameter."
{ }
"name" : "25541", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25541" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3094", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3094" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38418", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38418" ]
}, },
{ "references": {
"name" : "phpof-dbadodbclass-file-include(36439)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36439" "name": "ADV-2007-3094",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3094"
} },
} {
"name": "phpof-dbadodbclass-file-include(36439)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36439"
},
{
"name": "38418",
"refsource": "OSVDB",
"url": "http://osvdb.org/38418"
},
{
"name": "25541",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25541"
},
{
"name": "4363",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4363"
}
]
}
}

160
2007/6xxx/CVE-2007-6487.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6487", "ID": "CVE-2007-6487",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-2006-0680."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege" "lang": "eng",
}, "value": "Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows remote authenticated users with Secondary Admin privileges to create Admin accounts, a different vulnerability than CVE-2006-0680."
{ }
"name" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "42632", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/42632" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "28059", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/28059" ]
}, },
{ "references": {
"name" : "webgui-admin-security-bypass(39041)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39041" "name": "42632",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/42632"
} },
} {
"name": "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege",
"refsource": "CONFIRM",
"url": "http://www.plainblack.com/bugs/tracker/secondary-admin-can-create-user-with-admin-privilege"
},
{
"name": "28059",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28059"
},
{
"name": "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/",
"refsource": "CONFIRM",
"url": "http://www.plainblack.com/getwebgui/advisories/webgui-7_4_18-stable-released/"
},
{
"name": "webgui-admin-security-bypass(39041)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39041"
}
]
}
}

170
2007/6xxx/CVE-2007-6643.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6643", "ID": "CVE-2007-6643",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.joomla.org/content/view/4335/116/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.joomla.org/content/view/4335/116/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the com_poll component in Joomla! before 1.5 RC4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "MDVSA-2008:060", ]
"refsource" : "MANDRIVA", },
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:060" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "28111", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28111" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39979", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/39979" ]
}, },
{ "references": {
"name" : "1019145", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1019145" "name": "28111",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/28111"
"name" : "29257", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29257" "name": "29257",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/29257"
} },
} {
"name": "http://www.joomla.org/content/view/4335/116/",
"refsource": "CONFIRM",
"url": "http://www.joomla.org/content/view/4335/116/"
},
{
"name": "1019145",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019145"
},
{
"name": "MDVSA-2008:060",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:060"
},
{
"name": "39979",
"refsource": "OSVDB",
"url": "http://osvdb.org/39979"
}
]
}
}

34
2014/1xxx/CVE-2014-1231.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1231", "ID": "CVE-2014-1231",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2014/1xxx/CVE-2014-1667.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1667", "ID": "CVE-2014-1667",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/1xxx/CVE-2014-1797.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-1797", "ID": "CVE-2014-1797",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS14-035", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" "lang": "eng",
}, "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2764, CVE-2014-2769, and CVE-2014-2771."
{ }
"name" : "67890", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/67890" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1030370", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030370" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1030370",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030370"
},
{
"name": "MS14-035",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035"
},
{
"name": "67890",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67890"
}
]
}
}

150
2014/5xxx/CVE-2014-5035.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5035", "ID": "CVE-2014-5035",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/533114/100/0/threaded" "lang": "eng",
}, "value": "The Netconf (TCP) service in OpenDaylight 1.0 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference in an XML-RPC message, related to an XML External Entity (XXE) issue."
{ }
"name" : "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Aug/34" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "opendaylight-cve20145035-file-include(95254)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95254" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Aug/34"
},
{
"name": "opendaylight-cve20145035-file-include(95254)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95254"
},
{
"name": "20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533114/100/0/threaded"
},
{
"name": "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127843/Opendaylight-1.0-Local-File-Inclusion-Remote-File-Inclusion.html"
}
]
}
}

180
2014/5xxx/CVE-2014-5171.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5171", "ID": "CVE-2014-5171",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/532940/100/0/threaded" "lang": "eng",
}, "value": "SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network."
{ }
"name" : "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2014/Jul/149" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021", ]
"refsource" : "MISC", }
"url" : "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021" ]
}, },
{ "references": {
"name" : "http://scn.sap.com/docs/DOC-8218", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://scn.sap.com/docs/DOC-8218" "name": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021",
}, "refsource": "MISC",
{ "url": "http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-021"
"name" : "https://service.sap.com/sap/support/notes/1963932", },
"refsource" : "CONFIRM", {
"url" : "https://service.sap.com/sap/support/notes/1963932" "name": "https://service.sap.com/sap/support/notes/1963932",
}, "refsource": "CONFIRM",
{ "url": "https://service.sap.com/sap/support/notes/1963932"
"name" : "68947", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68947" "name": "68947",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/68947"
} },
} {
"name": "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532940/100/0/threaded"
},
{
"name": "20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jul/149"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"name": "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127666/SAP-HANA-XS-Missing-Encryption.html"
}
]
}
}

130
2014/5xxx/CVE-2014-5454.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5454", "ID": "CVE-2014-5454",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in the image upload module in SAS Visual Analytics 6.4M1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html" "lang": "eng",
}, "value": "Unrestricted file upload vulnerability in the image upload module in SAS Visual Analytics 6.4M1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors."
{ }
"name" : "sas-visualanalytics-file-upload(95351)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95351" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sas-visualanalytics-file-upload(95351)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95351"
},
{
"name": "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127866/SAS-Visual-Analytics-6.4M1-Arbitrary-File-Upload.html"
}
]
}
}

140
2014/5xxx/CVE-2014-5975.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5975", "ID": "CVE-2014-5975",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The eponyms (aka com.anddeveloper.eponyms) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#650609", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/650609" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#650609",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/650609"
}
]
}
}

130
2015/2xxx/CVE-2015-2385.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2385", "ID": "CVE-2015-2385",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, CVE-2015-2406, and CVE-2015-2422."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-065", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2390, CVE-2015-2397, CVE-2015-2404, CVE-2015-2406, and CVE-2015-2422."
{ }
"name" : "1032894", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1032894" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032894",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032894"
},
{
"name": "MS15-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065"
}
]
}
}

34
2015/2xxx/CVE-2015-2392.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-2392", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-2392",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

140
2015/2xxx/CVE-2015-2483.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2483", "ID": "CVE-2015-2483",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Information Disclosure Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-094", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" "lang": "eng",
}, "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Information Disclosure Vulnerability.\""
{ }
"name" : "76584", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/76584" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033487", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033487" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "76584",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76584"
},
{
"name": "MS15-094",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094"
},
{
"name": "1033487",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033487"
}
]
}
}

130
2015/2xxx/CVE-2015-2867.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cert@cert.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2015-2867", "ID": "CVE-2015-2867",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "ComfortLink II SCC firmware", "product_name": "ComfortLink II SCC firmware",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.0.2" "version_value": "2.0.2"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Trane" "vendor_name": "Trane"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "hardcoded passwords"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0028/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0028/" "lang": "eng",
}, "value": "A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote attackers to take complete control of the system."
{ }
"name" : "95120", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95120" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "hardcoded passwords"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0028/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0028/"
},
{
"name": "95120",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95120"
}
]
}
}

34
2015/6xxx/CVE-2015-6179.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-6179", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-6179",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

180
2015/6xxx/CVE-2015-6478.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-6478", "ID": "CVE-2015-6478",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02" "lang": "eng",
}, "value": "Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, which allows remote attackers to have an unspecified impact via a crafted web site."
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-573", ]
"refsource" : "MISC", },
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-573" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-577", "description": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-577" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-578", ]
"refsource" : "MISC", }
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-578" ]
}, },
{ "references": {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-579", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-579" "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-578",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-578"
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-580", },
"refsource" : "MISC", {
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-580" "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-579",
}, "refsource": "MISC",
{ "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-579"
"name" : "77571", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77571" "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-580",
} "refsource": "MISC",
] "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-580"
} },
} {
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-274-02"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-573",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-573"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-15-577",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-577"
},
{
"name": "77571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77571"
}
]
}
}

130
2015/6xxx/CVE-2015-6934.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6934", "ID": "CVE-2015-6934",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.vmware.com/security/advisories/VMSA-2015-0009.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.vmware.com/security/advisories/VMSA-2015-0009.html" "lang": "eng",
}, "value": "Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library."
{ }
"name" : "79648", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/79648" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2015-0009.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2015-0009.html"
},
{
"name": "79648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79648"
}
]
}
}

210
2015/7xxx/CVE-2015-7703.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7703", "ID": "CVE-2015-7703",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.ntp.org/bin/view/Main/NtpBug2902", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.ntp.org/bin/view/Main/NtpBug2902" "lang": "eng",
}, "value": "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1254547", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1254547" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://security.netapp.com/advisory/ntap-20171004-0001/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20171004-0001/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" ]
}, },
{ "references": {
"name" : "DSA-3388", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3388" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
"name" : "GLSA-201607-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201607-15" "name": "RHSA-2016:2583",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html"
"name" : "RHSA-2016:0780", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0780.html" "name": "1033951",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033951"
"name" : "RHSA-2016:2583", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2583.html" "name": "77278",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/77278"
"name" : "77278", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77278" "name": "RHSA-2016:0780",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html"
"name" : "1033951", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033951" "name": "http://support.ntp.org/bin/view/Main/NtpBug2902",
} "refsource": "CONFIRM",
] "url": "http://support.ntp.org/bin/view/Main/NtpBug2902"
} },
} {
"name": "DSA-3388",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3388"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1254547",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1254547"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
}
]
}
}

448
2016/0xxx/CVE-2016-0371.json
View File

@ -1,226 +1,226 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0371", "ID": "CVE-2016-0371",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Tivoli Storage Manager", "product_name": "Tivoli Storage Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.3.5.3" "version_value": "5.3.5.3"
}, },
{ {
"version_value" : "5.4.1.2" "version_value": "5.4.1.2"
}, },
{ {
"version_value" : "4.2" "version_value": "4.2"
}, },
{ {
"version_value" : "4.2.1" "version_value": "4.2.1"
}, },
{ {
"version_value" : "5.1.8" "version_value": "5.1.8"
}, },
{ {
"version_value" : "5.2.5.1" "version_value": "5.2.5.1"
}, },
{ {
"version_value" : "5.2.7" "version_value": "5.2.7"
}, },
{ {
"version_value" : "5.2.8" "version_value": "5.2.8"
}, },
{ {
"version_value" : "5.2.9" "version_value": "5.2.9"
}, },
{ {
"version_value" : "5.3.0" "version_value": "5.3.0"
}, },
{ {
"version_value" : "5.3.1" "version_value": "5.3.1"
}, },
{ {
"version_value" : "5.3.2" "version_value": "5.3.2"
}, },
{ {
"version_value" : "5.3.3" "version_value": "5.3.3"
}, },
{ {
"version_value" : "5.4.4.0" "version_value": "5.4.4.0"
}, },
{ {
"version_value" : "5.4.2.4" "version_value": "5.4.2.4"
}, },
{ {
"version_value" : "5.4.2.3" "version_value": "5.4.2.3"
}, },
{ {
"version_value" : "5.4.2.2" "version_value": "5.4.2.2"
}, },
{ {
"version_value" : "5.3.6.9" "version_value": "5.3.6.9"
}, },
{ {
"version_value" : "5.3.6.2" "version_value": "5.3.6.2"
}, },
{ {
"version_value" : "5.3.6.1" "version_value": "5.3.6.1"
}, },
{ {
"version_value" : "5.3.4" "version_value": "5.3.4"
}, },
{ {
"version_value" : "5.2.5.3" "version_value": "5.2.5.3"
}, },
{ {
"version_value" : "5.2.5.2" "version_value": "5.2.5.2"
}, },
{ {
"version_value" : "5.2.4" "version_value": "5.2.4"
}, },
{ {
"version_value" : "5.3.5.1" "version_value": "5.3.5.1"
}, },
{ {
"version_value" : "5.3.2.4" "version_value": "5.3.2.4"
}, },
{ {
"version_value" : "6.0" "version_value": "6.0"
}, },
{ {
"version_value" : "5.1.0" "version_value": "5.1.0"
}, },
{ {
"version_value" : "5.1.1" "version_value": "5.1.1"
}, },
{ {
"version_value" : "5.1.10" "version_value": "5.1.10"
}, },
{ {
"version_value" : "5.1.5" "version_value": "5.1.5"
}, },
{ {
"version_value" : "5.1.6" "version_value": "5.1.6"
}, },
{ {
"version_value" : "5.1.7" "version_value": "5.1.7"
}, },
{ {
"version_value" : "5.1.9" "version_value": "5.1.9"
}, },
{ {
"version_value" : "5.2.0" "version_value": "5.2.0"
}, },
{ {
"version_value" : "5.2.1" "version_value": "5.2.1"
}, },
{ {
"version_value" : "4.2.2" "version_value": "4.2.2"
}, },
{ {
"version_value" : "4.2.3" "version_value": "4.2.3"
}, },
{ {
"version_value" : "4.2.4" "version_value": "4.2.4"
}, },
{ {
"version_value" : "5.2.2" "version_value": "5.2.2"
}, },
{ {
"version_value" : "5.3" "version_value": "5.3"
}, },
{ {
"version_value" : "5.2 Client" "version_value": "5.2 Client"
}, },
{ {
"version_value" : "5.4 Client" "version_value": "5.4 Client"
}, },
{ {
"version_value" : "5.5.7" "version_value": "5.5.7"
}, },
{ {
"version_value" : "5.2.3.4 Client" "version_value": "5.2.3.4 Client"
}, },
{ {
"version_value" : "5.5.1.0" "version_value": "5.5.1.0"
}, },
{ {
"version_value" : "5.5.1.6" "version_value": "5.5.1.6"
}, },
{ {
"version_value" : "5.4" "version_value": "5.4"
}, },
{ {
"version_value" : "5.5" "version_value": "5.5"
}, },
{ {
"version_value" : "6.1" "version_value": "6.1"
}, },
{ {
"version_value" : "6.2" "version_value": "6.2"
}, },
{ {
"version_value" : "6.3" "version_value": "6.3"
}, },
{ {
"version_value" : "6.4" "version_value": "6.4"
}, },
{ {
"version_value" : "7.1" "version_value": "7.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM Corporation" "vendor_name": "IBM Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985114", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21985114" "lang": "eng",
}, "value": "The Tivoli Storage Manager (TSM) password may be displayed in plain text via application trace output while application tracing is enabled."
{ }
"name" : "94148", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94148" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94148"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21985114",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21985114"
}
]
}
}

130
2016/0xxx/CVE-2016-0429.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0429", "ID": "CVE-2016-0429",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401."
{ }
"name" : "1034711", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034711" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034711"
}
]
}
}

142
2016/10xxx/CVE-2016-10298.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"DATE_PUBLIC" : "2017-06-05T00:00:00", "DATE_PUBLIC": "2017-06-05T00:00:00",
"ID" : "CVE-2016-10298", "ID": "CVE-2016-10298",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android kernel" "version_value": "Android kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393252."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-06-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-06-01" "lang": "eng",
}, "value": "An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36393252."
{ }
"name" : "98874", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98874" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038623", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038623" "lang": "eng",
} "value": "Elevation of privilege"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-06-01"
},
{
"name": "98874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98874"
},
{
"name": "1038623",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038623"
}
]
}
}

132
2016/10xxx/CVE-2016-10429.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2016-10429", "ID": "CVE-2016-10429",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Small Cell SoC , Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", "product_name": "Small Cell SoC , Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SDX20" "version_value": "FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SDX20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Possible Improper Authorization in QTEE"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Possible Improper Authorization in QTEE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

34
2016/10xxx/CVE-2016-10453.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10453", "ID": "CVE-2016-10453",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2016/4xxx/CVE-2016-4086.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4086", "ID": "CVE-2016-4086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en" "lang": "eng",
}, "value": "Huawei HiSuite (In China) before 4.0.4.301 and (Out of China) before 4.0.4.204_ove allows remote attackers to install arbitrary apps on a connected phone via unspecified vectors."
{ }
"name" : "92622", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92622" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160422-01-hisuite-en"
},
{
"name": "92622",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92622"
}
]
}
}

160
2016/4xxx/CVE-2016-4640.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-4640", "ID": "CVE-2016-4640",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-16-435/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-16-435/" "lang": "eng",
}, "value": "Login Window in Apple OS X before 10.11.6 allows attackers to execute arbitrary code in a privileged context, obtain sensitive user information, or cause a denial of service (memory corruption) via a crafted app."
{ }
"name" : "https://support.apple.com/HT206903", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT206903" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2016-07-18-1", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "91824", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/91824" ]
}, },
{ "references": {
"name" : "1036348", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036348" "name": "91824",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/91824"
} },
} {
"name": "APPLE-SA-2016-07-18-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-16-435/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-16-435/"
},
{
"name": "1036348",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036348"
},
{
"name": "https://support.apple.com/HT206903",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT206903"
}
]
}
}

200
2016/9xxx/CVE-2016-9131.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9131", "ID": "CVE-2016-9131",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131" "lang": "eng",
}, "value": "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query."
{ }
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687", ]
"refsource" : "CONFIRM", },
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://security.netapp.com/advisory/ntap-20180926-0005/", "description": [
"refsource" : "CONFIRM", {
"url" : "https://security.netapp.com/advisory/ntap-20180926-0005/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3758", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2017/dsa-3758" ]
}, },
{ "references": {
"name" : "GLSA-201708-01", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201708-01" "name": "1037582",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037582"
"name" : "RHSA-2017:0062", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0062.html" "name": "GLSA-201708-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201708-01"
"name" : "RHSA-2017:1583", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1583" "name": "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131",
}, "refsource": "CONFIRM",
{ "url": "https://kb.isc.org/article/AA-01439/74/CVE-2016-9131"
"name" : "95386", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95386" "name": "95386",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/95386"
"name" : "1037582", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037582" "name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
} "refsource": "CONFIRM",
] "url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
} },
} {
"name": "DSA-3758",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3758"
},
{
"name": "RHSA-2017:1583",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "RHSA-2017:0062",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0062.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687"
}
]
}
}

34
2016/9xxx/CVE-2016-9702.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9702", "ID": "CVE-2016-9702",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/9xxx/CVE-2016-9781.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9781", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9781",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

134
2019/1003xxx/CVE-2019-1003026.json
View File

@ -1,69 +1,69 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "kurt@seifried.org", "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED" : "2019-02-19T22:20:51.847679", "DATE_ASSIGNED": "2019-02-19T22:20:51.847679",
"ID" : "CVE-2019-1003026", "ID": "CVE-2019-1003026",
"REQUESTER" : "ml@beckweb.net", "REQUESTER": "ml@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins Mattermost Notification Plugin", "product_name": "Jenkins Mattermost Notification Plugin",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.6.2 and earlier" "version_value": "2.6.2 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins project" "vendor_name": "Jenkins project"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-441, CWE-918, CWE-352"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985" "lang": "eng",
}, "value": "A server-side request forgery vulnerability exists in Jenkins Mattermost Notification Plugin 2.6.2 and earlier in MattermostNotifier.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified Mattermost server and room and send a message."
{ }
"name" : "107295", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/107295" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-441, CWE-918, CWE-352"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-02-19/#SECURITY-985"
},
{
"name": "107295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107295"
}
]
}
}

34
2019/2xxx/CVE-2019-2162.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2162", "ID": "CVE-2019-2162",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2330.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2330", "ID": "CVE-2019-2330",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2707.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2707", "ID": "CVE-2019-2707",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2710.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2710", "ID": "CVE-2019-2710",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3364.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3364", "ID": "CVE-2019-3364",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3454.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3454", "ID": "CVE-2019-3454",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3944.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3944", "ID": "CVE-2019-3944",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3960.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3960", "ID": "CVE-2019-3960",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2019/6xxx/CVE-2019-6128.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6128", "ID": "CVE-2019-6128",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugzilla.maptools.org/show_bug.cgi?id=2836", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugzilla.maptools.org/show_bug.cgi?id=2836" "lang": "eng",
}, "value": "The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb."
{ }
"name" : "USN-3906-1", ]
"refsource" : "UBUNTU", },
"url" : "https://usn.ubuntu.com/3906-1/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3906-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3906-1/"
},
{
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2836",
"refsource": "MISC",
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2836"
}
]
}
}

34
2019/6xxx/CVE-2019-6454.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6454", "ID": "CVE-2019-6454",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6909.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6909", "ID": "CVE-2019-6909",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6999.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6999", "ID": "CVE-2019-6999",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7033.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7033", "ID": "CVE-2019-7033",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7280.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7280", "ID": "CVE-2019-7280",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7303.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7303", "ID": "CVE-2019-7303",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2019/7xxx/CVE-2019-7651.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7651", "ID": "CVE-2019-7651",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories \"inside\" the \\\\.\\EPP device are not properly protected, leading to unintended impersonation or object creation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/", "description_data": [
"refsource" : "MISC", {
"url" : "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/" "lang": "eng",
}, "value": "EPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories \"inside\" the \\\\.\\EPP device are not properly protected, leading to unintended impersonation or object creation."
{ }
"name" : "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md", ]
"refsource" : "MISC", },
"url" : "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html", "description": [
"refsource" : "MISC", {
"url" : "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md",
"refsource": "MISC",
"url": "https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-01-09-emsisoft-Anti-Malware-bypass.md"
},
{
"name": "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html",
"refsource": "MISC",
"url": "https://nafiez.github.io/security/bypass/2019/01/08/emsisoft-Anti-Malware-bypass.html"
},
{
"name": "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/",
"refsource": "MISC",
"url": "https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/"
}
]
}
}

34
2019/8xxx/CVE-2019-8214.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8214", "ID": "CVE-2019-8214",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8305.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8305", "ID": "CVE-2019-8305",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8818.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8818", "ID": "CVE-2019-8818",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8876.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8876", "ID": "CVE-2019-8876",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9087.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9087", "ID": "CVE-2019-9087",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/9xxx/CVE-2019-9687.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9687", "ID": "CVE-2019-9687",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://sourceforge.net/p/podofo/code/1969", "description_data": [
"refsource" : "MISC", {
"url" : "https://sourceforge.net/p/podofo/code/1969" "lang": "eng",
} "value": "PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceforge.net/p/podofo/code/1969",
"refsource": "MISC",
"url": "https://sourceforge.net/p/podofo/code/1969"
}
]
}
}