admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 21:36:53 +00:00
parent 3e0edc1077
commit 972b850b38
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 3260 additions and 3260 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
2007/0xxx/CVE-2007-0051.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0051", "ID": "CVE-2007-0051",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070104 DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability'", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455968/100/0/threaded" "lang": "eng",
}, "value": "Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows remote user-assisted attackers to execute arbitrary code via a crafted photocast with format string specifiers in the title of an RSS iPhoto feed."
{ }
"name" : "20070104 DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability'", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0100.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://projects.info-pull.com/moab/MOAB-04-01-2007.html", "description": [
"refsource" : "MISC", {
"url" : "http://projects.info-pull.com/moab/MOAB-04-01-2007.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.digitalmunition.com/DMA[2007-0104a].txt", ]
"refsource" : "MISC", }
"url" : "http://www.digitalmunition.com/DMA[2007-0104a].txt" ]
}, },
{ "references": {
"name" : "3080", "reference_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/3080" "name": "23615",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23615"
"name" : "http://docs.info.apple.com/article.html?artnum=305215", },
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305215" "name": "20070104 DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability'",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455968/100/0/threaded"
"name" : "APPLE-SA-2007-03-13", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/Mar//msg00003.html" "name": "21871",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21871"
"name" : "21871", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21871" "name": "http://projects.info-pull.com/moab/MOAB-04-01-2007.html",
}, "refsource": "MISC",
{ "url": "http://projects.info-pull.com/moab/MOAB-04-01-2007.html"
"name" : "ADV-2007-0057", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0057" "name": "http://docs.info.apple.com/article.html?artnum=305215",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305215"
"name" : "31165", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/31165" "name": "31165",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/31165"
"name" : "23615", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23615" "name": "20070104 DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability'",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0100.html"
"name" : "iphoto-xmltitle-format-string(31281)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31281" "name": "APPLE-SA-2007-03-13",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2007/Mar//msg00003.html"
} },
} {
"name": "ADV-2007-0057",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0057"
},
{
"name": "http://www.digitalmunition.com/DMA[2007-0104a].txt",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/DMA[2007-0104a].txt"
},
{
"name": "iphoto-xmltitle-format-string(31281)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31281"
},
{
"name": "3080",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3080"
}
]
}
}

240
2007/0xxx/CVE-2007-0274.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0274", "ID": "CVE-2007-0274",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to (1) Export and sys.dbms_logrep_util (DB08), and (2) Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09). NOTE: Oracle has not disputed reliable researcher claims that DB08 is for a buffer overflow in the GET_OBJECT_NAME procedure in the DBMS_LOGREP_UTIL package, and DB09 is for buffer overflows in the CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION procedures in SYS.DBMS_CAPTURE_ADM_INTERNAL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070125 Re: Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458126/100/0/threaded" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to (1) Export and sys.dbms_logrep_util (DB08), and (2) Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09). NOTE: Oracle has not disputed reliable researcher claims that DB08 is for a buffer overflow in the GET_OBJECT_NAME procedure in the DBMS_LOGREP_UTIL package, and DB09 is for buffer overflows in the CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION procedures in SYS.DBMS_CAPTURE_ADM_INTERNAL."
{ }
"name" : "20070125 Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/458112/100/100/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20070129 Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458475/100/100/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20070124 Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/458037/100/0/threaded" ]
}, },
{ "references": {
"name" : "20070124 Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL", "reference_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/458041/100/0/threaded" "name": "20070124 Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/458037/100/0/threaded"
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" "name": "20070129 Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/458475/100/100/threaded"
"name" : "TA07-017A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" "name": "23794",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23794"
"name" : "22083", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22083" "name": "20070125 Re: Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/458126/100/0/threaded"
"name" : "32914", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32914" "name": "32915",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32915"
"name" : "32915", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32915" "name": "22083",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22083"
"name" : "1017522", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017522" "name": "20070125 Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/458112/100/100/threaded"
"name" : "23794", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23794" "name": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html"
"name" : "oracle-cpu-jan2007(31541)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" "name": "TA07-017A",
} "refsource": "CERT",
] "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html"
} },
} {
"name": "oracle-cpu-jan2007(31541)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541"
},
{
"name": "1017522",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017522"
},
{
"name": "20070124 Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458041/100/0/threaded"
},
{
"name": "32914",
"refsource": "OSVDB",
"url": "http://osvdb.org/32914"
}
]
}
}

220
2007/3xxx/CVE-2007-3566.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3566", "ID": "CVE-2007-3566",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/474561/100/0/threaded" "lang": "eng",
}, "value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
{ }
"name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13", ]
"refsource" : "MISC", },
"url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered", "description": [
"refsource" : "MISC", {
"url" : "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.codegear.com/downloads/regusers/interbase", ]
"refsource" : "MISC", }
"url" : "http://www.codegear.com/downloads/regusers/interbase" ]
}, },
{ "references": {
"name" : "25048", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25048" "name": "interbase-create-bo(35574)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
"name" : "ADV-2007-2642", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2642" "name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
"name" : "38602", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38602" "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13",
}, "refsource": "MISC",
{ "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
"name" : "1018451", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018451" "name": "26189",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26189"
"name" : "26189", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26189" "name": "25048",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25048"
"name" : "2929", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2929" "name": "ADV-2007-2642",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2642"
"name" : "interbase-create-bo(35574)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574" "name": "2929",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/2929"
} },
} {
"name": "1018451",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018451"
},
{
"name": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"refsource": "OSVDB",
"url": "http://osvdb.org/38602"
},
{
"name": "http://www.codegear.com/downloads/regusers/interbase",
"refsource": "MISC",
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
]
}
}

190
2007/3xxx/CVE-2007-3891.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2007-3891", "ID": "CVE-2007-3891",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS07-048", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-048" "lang": "eng",
}, "value": "Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes."
{ }
"name" : "TA07-226A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-226A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#542808", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/542808" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25306", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25306" ]
}, },
{ "references": {
"name" : "ADV-2007-2872", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2872" "name": "oval:org.mitre.oval:def:2071",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2071"
"name" : "oval:org.mitre.oval:def:2071", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2071" "name": "26439",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26439"
"name" : "1018566", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018566" "name": "TA07-226A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-226A.html"
"name" : "26439", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26439" "name": "ADV-2007-2872",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/2872"
} },
} {
"name": "1018566",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018566"
},
{
"name": "VU#542808",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/542808"
},
{
"name": "MS07-048",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-048"
},
{
"name": "25306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25306"
}
]
}
}

180
2007/3xxx/CVE-2007-3923.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3923", "ID": "CVE-2007-3923",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070718 Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software", "description_data": [
"refsource" : "CISCO", {
"url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtml" "lang": "eng",
}, "value": "The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445."
{ }
"name" : "24956", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/24956" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-2572", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/2572" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "36120", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/36120" ]
}, },
{ "references": {
"name" : "1018416", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018416" "name": "20070718 Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Software",
}, "refsource": "CISCO",
{ "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtml"
"name" : "26122", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26122" "name": "ADV-2007-2572",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/2572"
"name" : "cisco-waas-edgeservice-dos(35477)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35477" "name": "24956",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/24956"
} },
} {
"name": "36120",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36120"
},
{
"name": "cisco-waas-edgeservice-dos(35477)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35477"
},
{
"name": "1018416",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018416"
},
{
"name": "26122",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26122"
}
]
}
}

180
2007/3xxx/CVE-2007-3955.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3955", "ID": "CVE-2007-3955",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in LinkedInIEToolbar.dll in the LinkedIn Toolbar 3.0.2.1098 allows remote attackers to execute arbitrary code via a long second argument (varBrowser argument) to the search method. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4217", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4217" "lang": "eng",
}, "value": "Buffer overflow in the IEToolbar.IEContextMenu.1 ActiveX control in LinkedInIEToolbar.dll in the LinkedIn Toolbar 3.0.2.1098 allows remote attackers to execute arbitrary code via a long second argument (varBrowser argument) to the search method. NOTE: some of these details are obtained from third party information."
{ }
"name" : "http://www.vdalabs.com/tools/linkedin.html", ]
"refsource" : "MISC", },
"url" : "http://www.vdalabs.com/tools/linkedin.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25032", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25032" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2620", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2620" ]
}, },
{ "references": {
"name" : "37696", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37696" "name": "http://www.vdalabs.com/tools/linkedin.html",
}, "refsource": "MISC",
{ "url": "http://www.vdalabs.com/tools/linkedin.html"
"name" : "26181", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26181" "name": "37696",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/37696"
"name" : "linkedin-ietoolbar-search-bo(35578)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35578" "name": "linkedin-ietoolbar-search-bo(35578)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35578"
} },
} {
"name": "26181",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26181"
},
{
"name": "25032",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25032"
},
{
"name": "4217",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4217"
},
{
"name": "ADV-2007-2620",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2620"
}
]
}
}

160
2007/4xxx/CVE-2007-4627.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4627", "ID": "CVE-2007-4627",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in ABC eStore 3.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4338", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4338" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in ABC eStore 3.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter."
{ }
"name" : "25476", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25476" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-3037", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3037" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "38434", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/38434" ]
}, },
{ "references": {
"name" : "abcestore-index-sql-injection(36313)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36313" "name": "ADV-2007-3037",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3037"
} },
} {
"name": "4338",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4338"
},
{
"name": "38434",
"refsource": "OSVDB",
"url": "http://osvdb.org/38434"
},
{
"name": "25476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25476"
},
{
"name": "abcestore-index-sql-injection(36313)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36313"
}
]
}
}

470
2007/4xxx/CVE-2007-4738.json
View File

@ -1,237 +1,237 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4738", "ID": "CVE-2007-4738",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR parameter to utils/stphpimage_show.php; or a URL in the STPHPLIB_DIR parameter to (3) stphpbutton.php, (4) stphpcheckbox.php, (5) stphpcheckboxwithcaption.php, (6) stphpcheckgroup.php, (7) stphpcomponent.php, (8) stphpcontrolwithcaption.php, (9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) stphptable.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, or (34) stphpxmlelement.php, a different set of vectors than CVE-2007-4737. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "25525", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25525" "lang": "eng",
}, "value": "Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) db_conf or (2) ADODB_DIR parameter to utils/stphpimage_show.php; or a URL in the STPHPLIB_DIR parameter to (3) stphpbutton.php, (4) stphpcheckbox.php, (5) stphpcheckboxwithcaption.php, (6) stphpcheckgroup.php, (7) stphpcomponent.php, (8) stphpcontrolwithcaption.php, (9) stphpedit.php, (10) stphpeditwithcaption.php, (11) stphphr.php, (12) stphpimage.php, (13) stphpimagewithcaption.php, (14) stphplabel.php, (15) stphplistbox.php, (16) stphplistboxwithcaption.php, (17) stphplocale.php, (18) stphppanel.php, (19) stphpradiobutton.php, (20) stphpradiobuttonwithcaption.php, (21) stphpradiogroup.php, (22) stphprichbutton.php, (23) stphpspacer.php, (24) stphptable.php, (25) stphptablecell.php, (26) stphptablerow.php, (27) stphptabpanel.php, (28) stphptabtitle.php, (29) stphptextarea.php, (30) stphptextareawithcaption.php, (31) stphptoolbar.php, (32) stphpwindow.php, (33) stphpxmldoc.php, or (34) stphpxmlelement.php, a different set of vectors than CVE-2007-4737. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
{ }
"name" : "39073", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/39073" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39074", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39074" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39075", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/39075" ]
}, },
{ "references": {
"name" : "39076", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39076" "name": "39077",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39077"
"name" : "39077", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39077" "name": "39082",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39082"
"name" : "39078", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39078" "name": "39088",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39088"
"name" : "39079", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39079" "name": "39076",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39076"
"name" : "39080", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39080" "name": "39090",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39090"
"name" : "39081", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39081" "name": "39085",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39085"
"name" : "39082", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39082" "name": "39079",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39079"
"name" : "39083", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39083" "name": "39093",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39093"
"name" : "39084", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39084" "name": "speedtech-stphpimageshow-file-include(36417)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36417"
"name" : "39085", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39085" "name": "39099",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39099"
"name" : "39086", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39086" "name": "39096",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39096"
"name" : "39087", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39087" "name": "39102",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39102"
"name" : "39088", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39088" "name": "39101",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39101"
"name" : "39089", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39089" "name": "39095",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39095"
"name" : "39090", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39090" "name": "39105",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39105"
"name" : "39091", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39091" "name": "39097",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39097"
"name" : "39092", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39092" "name": "39084",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39084"
"name" : "39093", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39093" "name": "39074",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39074"
"name" : "39094", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39094" "name": "39094",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39094"
"name" : "39095", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39095" "name": "39098",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39098"
"name" : "39096", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39096" "name": "39083",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39083"
"name" : "39097", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39097" "name": "39078",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39078"
"name" : "39098", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39098" "name": "39100",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39100"
"name" : "39099", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39099" "name": "39103",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39103"
"name" : "39100", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39100" "name": "39075",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39075"
"name" : "39101", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39101" "name": "39091",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39091"
"name" : "39102", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39102" "name": "25525",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/25525"
"name" : "39103", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39103" "name": "39089",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39089"
"name" : "39104", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39104" "name": "39081",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39081"
"name" : "39105", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39105" "name": "39087",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/39087"
"name" : "26658", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26658" "name": "26658",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26658"
"name" : "speedtech-stphpimageshow-file-include(36417)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36417" "name": "39080",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/39080"
} },
} {
"name": "39104",
"refsource": "OSVDB",
"url": "http://osvdb.org/39104"
},
{
"name": "39073",
"refsource": "OSVDB",
"url": "http://osvdb.org/39073"
},
{
"name": "39092",
"refsource": "OSVDB",
"url": "http://osvdb.org/39092"
},
{
"name": "39086",
"refsource": "OSVDB",
"url": "http://osvdb.org/39086"
}
]
}
}

34
2007/4xxx/CVE-2007-4852.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4852", "ID": "CVE-2007-4852",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

170
2007/6xxx/CVE-2007-6219.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6219", "ID": "CVE-2007-6219",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg24017385", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg24017385" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "IY95615", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg1IY95615" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26673", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26673" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-4059", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/4059" ]
}, },
{ "references": {
"name" : "1019026", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019026" "name": "ADV-2007-4059",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/4059"
"name" : "27900", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27900" "name": "IY95615",
} "refsource": "AIXAPAR",
] "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY95615"
} },
} {
"name": "1019026",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019026"
},
{
"name": "27900",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27900"
},
{
"name": "26673",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26673"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg24017385",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24017385"
}
]
}
}

160
2007/6xxx/CVE-2007-6648.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6648", "ID": "CVE-2007-6648",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4816", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4816" "lang": "eng",
}, "value": "Directory traversal vulnerability in index.php in SanyBee Gallery 0.1.0 and 0.1.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the p parameter."
{ }
"name" : "27072", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/27072" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "39784", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/39784" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "28270", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/28270" ]
}, },
{ "references": {
"name" : "sanybeegallery-index-file-include(39392)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39392" "name": "28270",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/28270"
} },
} {
"name": "27072",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27072"
},
{
"name": "39784",
"refsource": "OSVDB",
"url": "http://osvdb.org/39784"
},
{
"name": "sanybeegallery-index-file-include(39392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39392"
},
{
"name": "4816",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4816"
}
]
}
}

34
2014/1xxx/CVE-2014-1230.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-1230", "ID": "CVE-2014-1230",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

300
2014/1xxx/CVE-2014-1485.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2014-1485", "ID": "CVE-2014-1485",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-07.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-07.html" "lang": "eng",
}, "value": "The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=910139", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=910139" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://8pecxstudios.com/?page_id=44080", "description": [
"refsource" : "CONFIRM", {
"url" : "https://8pecxstudios.com/?page_id=44080" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" ]
}, },
{ "references": {
"name" : "GLSA-201504-01", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201504-01" "name": "openSUSE-SU-2014:0212",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html"
"name" : "SUSE-SU-2014:0248", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html" "name": "1029717",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1029717"
"name" : "openSUSE-SU-2014:0212", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html" "name": "https://8pecxstudios.com/?page_id=44080",
}, "refsource": "CONFIRM",
{ "url": "https://8pecxstudios.com/?page_id=44080"
"name" : "openSUSE-SU-2014:0419", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" "name": "56787",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/56787"
"name" : "USN-2102-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2102-1" "name": "1029720",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1029720"
"name" : "USN-2102-2", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2102-2" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=910139",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=910139"
"name" : "65322", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/65322" "name": "USN-2102-2",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2102-2"
"name" : "102871", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/102871" "name": "GLSA-201504-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201504-01"
"name" : "1029717", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029717" "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
"name" : "1029720", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1029720" "name": "56888",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/56888"
"name" : "56706", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56706" "name": "openSUSE-SU-2014:0419",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html"
"name" : "56767", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56767" "name": "65322",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/65322"
"name" : "56787", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56787" "name": "firefox-xslt-cve20141485xss(90891)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90891"
"name" : "56888", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56888" "name": "SUSE-SU-2014:0248",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html"
"name" : "firefox-xslt-cve20141485xss(90891)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90891" "name": "USN-2102-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2102-1"
} },
} {
"name": "56767",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56767"
},
{
"name": "102871",
"refsource": "OSVDB",
"url": "http://osvdb.org/102871"
},
{
"name": "56706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56706"
},
{
"name": "http://www.mozilla.org/security/announce/2014/mfsa2014-07.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2014/mfsa2014-07.html"
}
]
}
}

34
2014/5xxx/CVE-2014-5010.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5010", "ID": "CVE-2014-5010",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2014/5xxx/CVE-2014-5290.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5290", "ID": "CVE-2014-5290",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2015/2xxx/CVE-2015-2441.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-2441", "ID": "CVE-2015-2441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2452."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-079", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-079" "lang": "eng",
}, "value": "Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2452."
{ }
"name" : "MS15-091", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-091" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1033237", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033237" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1033237",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033237"
},
{
"name": "MS15-091",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-091"
},
{
"name": "MS15-079",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-079"
}
]
}
}

140
2015/6xxx/CVE-2015-6389.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-6389", "ID": "CVE-2015-6389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20151209 Cisco Prime Collaboration Assurance Default Account Credential Vulnerability", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-pca" "lang": "eng",
}, "value": "Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707."
{ }
"name" : "78738", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/78738" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1034361", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034361" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "78738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78738"
},
{
"name": "1034361",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034361"
},
{
"name": "20151209 Cisco Prime Collaboration Assurance Default Account Credential Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-pca"
}
]
}
}

130
2015/6xxx/CVE-2015-6531.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6531", "ID": "CVE-2015-6531",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.tenable.com/security/research/tra-2015-02", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.tenable.com/security/research/tra-2015-02" "lang": "eng",
}, "value": "Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file."
{ }
"name" : "76862", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/76862" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2015-02",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2015-02"
},
{
"name": "76862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76862"
}
]
}
}

200
2015/6xxx/CVE-2015-6831.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@suse.com",
"ID" : "CVE-2015-6831", "ID": "CVE-2015-6831",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20150819 CVE Request: more php unserializing issues", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2015/08/19/3" "lang": "eng",
}, "value": "Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization."
{ }
"name" : "http://www.php.net/ChangeLog-5.php", ]
"refsource" : "CONFIRM", },
"url" : "http://www.php.net/ChangeLog-5.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.php.net/bug.php?id=70155", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.php.net/bug.php?id=70155" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.php.net/bug.php?id=70166", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.php.net/bug.php?id=70166" ]
}, },
{ "references": {
"name" : "https://bugs.php.net/bug.php?id=70168", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.php.net/bug.php?id=70168" "name": "DSA-3344",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3344"
"name" : "https://bugs.php.net/bug.php?id=70169", },
"refsource" : "CONFIRM", {
"url" : "https://bugs.php.net/bug.php?id=70169" "name": "76737",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/76737"
"name" : "DSA-3344", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3344" "name": "https://bugs.php.net/bug.php?id=70169",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=70169"
"name" : "GLSA-201606-10", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201606-10" "name": "https://bugs.php.net/bug.php?id=70168",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.php.net/bug.php?id=70168"
"name" : "76737", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/76737" "name": "[oss-security] 20150819 CVE Request: more php unserializing issues",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2015/08/19/3"
} },
} {
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name": "https://bugs.php.net/bug.php?id=70166",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=70166"
},
{
"name": "https://bugs.php.net/bug.php?id=70155",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=70155"
},
{
"name": "GLSA-201606-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-10"
}
]
}
}

200
2015/7xxx/CVE-2015-7871.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-7871", "ID": "CVE-2015-7871",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.ntp.org/bin/view/Main/NtpBug2941", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.ntp.org/bin/view/Main/NtpBug2941" "lang": "eng",
}, "value": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274265", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274265" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839", "description": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://security.netapp.com/advisory/ntap-20171004-0001/", ]
"refsource" : "CONFIRM", }
"url" : "https://security.netapp.com/advisory/ntap-20171004-0001/" ]
}, },
{ "references": {
"name" : "DSA-3388", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3388" "name": "http://support.ntp.org/bin/view/Main/NtpBug2941",
}, "refsource": "CONFIRM",
{ "url": "http://support.ntp.org/bin/view/Main/NtpBug2941"
"name" : "GLSA-201604-03", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201604-03" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274265",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274265"
"name" : "GLSA-201607-15", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201607-15" "name": "1033951",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033951"
"name" : "77287", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77287" "name": "DSA-3388",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3388"
"name" : "1033951", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033951" "name": "77287",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/77287"
} },
} {
"name": "GLSA-201604-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-03"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839"
},
{
"name": "GLSA-201607-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201607-15"
},
{
"name": "https://security.netapp.com/advisory/ntap-20171004-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20171004-0001/"
}
]
}
}

140
2016/0xxx/CVE-2016-0178.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-0178", "ID": "CVE-2016-0178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code via malformed RPC requests, aka \"RPC Network Data Representation Engine Elevation of Privilege Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS16-061", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-061" "lang": "eng",
}, "value": "The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code via malformed RPC requests, aka \"RPC Network Data Representation Engine Elevation of Privilege Vulnerability.\""
{ }
"name" : "90032", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/90032" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035837", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035837" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "MS16-061",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-061"
},
{
"name": "1035837",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035837"
},
{
"name": "90032",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90032"
}
]
}
}

140
2016/0xxx/CVE-2016-0282.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2016-0282", "ID": "CVE-2016-0282",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991722", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991722" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS."
{ }
"name" : "94558", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94558" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1037383", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037383" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722"
},
{
"name": "1037383",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037383"
},
{
"name": "94558",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94558"
}
]
}
}

130
2016/0xxx/CVE-2016-0427.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-0427", "ID": "CVE-2016-0427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework."
{ }
"name" : "1034734", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034734" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "1034734",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034734"
}
]
}
}

190
2016/0xxx/CVE-2016-0968.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0968", "ID": "CVE-2016-0968",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981."
{ }
"name" : "GLSA-201603-07", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201603-07" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:0166", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2016:0398", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2016:0400", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" "name": "SUSE-SU-2016:0400",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html"
"name" : "openSUSE-SU-2016:0412", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" "name": "1034970",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1034970"
"name" : "openSUSE-SU-2016:0415", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" "name": "GLSA-201603-07",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-07"
"name" : "1034970", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034970" "name": "RHSA-2016:0166",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html"
} },
} {
"name": "openSUSE-SU-2016:0415",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html"
},
{
"name": "openSUSE-SU-2016:0412",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html"
},
{
"name": "SUSE-SU-2016:0398",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000188.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-1000188", "ID": "CVE-2016-1000188",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2016/10xxx/CVE-2016-10139.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10139", "ID": "CVE-2016-10139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. Therefore, the app executing as the system user has been granted a number of powerful permissions even though they are not present in the com.adups.fota.sysoper app's AndroidManifest.xml file. This app provides the com.adups.fota app access to the user's call log, text messages, and various device identifiers through the com.adups.fota.sysoper.provider.InfoProvider component. The com.adups.fota app uses timestamps when it runs and is eligible to exfiltrate the user's PII every 72 hours. If 72 hours have passed since the value of the timestamp, then the exfiltration will be triggered by the user plugging in the device to charge or when they leave or enter a wireless network. The exfiltration occurs in the background without any user interaction."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.kryptowire.com/adups_security_analysis.html", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.kryptowire.com/adups_security_analysis.html" "lang": "eng",
}, "value": "An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysoper app's AndroidManifest.xml file, it sets the android:sharedUserId attribute to a value of android.uid.system which makes it execute as the system user, which is a very privileged user on the device. Therefore, the app executing as the system user has been granted a number of powerful permissions even though they are not present in the com.adups.fota.sysoper app's AndroidManifest.xml file. This app provides the com.adups.fota app access to the user's call log, text messages, and various device identifiers through the com.adups.fota.sysoper.provider.InfoProvider component. The com.adups.fota app uses timestamps when it runs and is eligible to exfiltrate the user's PII every 72 hours. If 72 hours have passed since the value of the timestamp, then the exfiltration will be triggered by the user plugging in the device to charge or when they leave or enter a wireless network. The exfiltration occurs in the background without any user interaction."
{ }
"name" : "https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html", ]
"refsource" : "MISC", },
"url" : "https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "96858", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96858" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "96858",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96858"
},
{
"name": "https://www.kryptowire.com/adups_security_analysis.html",
"refsource": "MISC",
"url": "https://www.kryptowire.com/adups_security_analysis.html"
},
{
"name": "https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html",
"refsource": "MISC",
"url": "https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html"
}
]
}
}

34
2016/10xxx/CVE-2016-10360.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-10360", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-10360",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

180
2016/4xxx/CVE-2016-4148.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4148", "ID": "CVE-2016-4148",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083."
{ }
"name" : "MS16-083", ]
"refsource" : "MS", },
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1238", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1238" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2016:1613", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:1621", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html" "name": "1036117",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036117"
"name" : "openSUSE-SU-2016:1625", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html" "name": "MS16-083",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083"
"name" : "1036117", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036117" "name": "openSUSE-SU-2016:1625",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html"
} },
} {
"name": "RHSA-2016:1238",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1238"
},
{
"name": "openSUSE-SU-2016:1621",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html"
},
{
"name": "SUSE-SU-2016:1613",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-18.html"
}
]
}
}

180
2016/4xxx/CVE-2016-4240.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4240", "ID": "CVE-2016-4240",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246."
{ }
"name" : "GLSA-201607-03", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201607-03" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1423", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1423" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2016:1826", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2016:1802", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" "name": "SUSE-SU-2016:1826",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html"
"name" : "91725", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/91725" "name": "GLSA-201607-03",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201607-03"
"name" : "1036280", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036280" "name": "openSUSE-SU-2016:1802",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html"
} },
} {
"name": "91725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91725"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html"
},
{
"name": "RHSA-2016:1423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:1423"
},
{
"name": "1036280",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036280"
}
]
}
}

34
2016/4xxx/CVE-2016-4297.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4297", "ID": "CVE-2016-4297",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2016/4xxx/CVE-2016-4931.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "sirt@juniper.net",
"ID" : "CVE-2016-4931", "ID": "CVE-2016-4931",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760" "lang": "eng",
}, "value": "XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service."
{ }
"name" : "93540", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93540" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93540",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93540"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760"
}
]
}
}

130
2016/9xxx/CVE-2016-9037.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "talos-cna@cisco.com", "ASSIGNER": "talos-cna@cisco.com",
"ID" : "CVE-2016-9037", "ID": "CVE-2016-9037",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Tarantool", "product_name": "Tarantool",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "1.7.2-0-g8e92715" "version_value": "1.7.2-0-g8e92715"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Tarantool" "vendor_name": "Tarantool"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-125: Out-of-bounds Read"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0255/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0255/" "lang": "eng",
}, "value": "An exploitable out-of-bounds array access vulnerability exists in the xrow_header_decode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's value. This can lead to an out of bounds read within the context of the server. An attacker who exploits this vulnerability can cause a denial of service vulnerability on the server."
{ }
"name" : "95063", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95063" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0255/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0255/"
},
{
"name": "95063",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95063"
}
]
}
}

172
2016/9xxx/CVE-2016-9063.json
View File

@ -1,88 +1,88 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2016-9063", "ID": "CVE-2016-9063",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "50" "version_value": "50"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Possible integer overflow to fix inside XML_Parse in Expat"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1274777", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1274777" "lang": "eng",
}, "value": "An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3898", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-3898" "lang": "eng",
}, "value": "Possible integer overflow to fix inside XML_Parse in Expat"
{ }
"name" : "94337", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94337" ]
}, },
{ "references": {
"name" : "1037298", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037298" "name": "DSA-3898",
}, "refsource": "DEBIAN",
{ "url": "https://www.debian.org/security/2017/dsa-3898"
"name" : "1039427", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039427" "name": "94337",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/94337"
} },
} {
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1274777",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1274777"
},
{
"name": "1037298",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037298"
},
{
"name": "1039427",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039427"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2016-89/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2016-89/"
}
]
}
}

34
2016/9xxx/CVE-2016-9771.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9771", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9771",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2079.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2079", "ID": "CVE-2019-2079",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

168
2019/2xxx/CVE-2019-2503.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2503", "ID": "CVE-2019-2503",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "MySQL Server", "product_name": "MySQL Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.6.42 and prior" "version_value": "5.6.42 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "5.7.24 and prior" "version_value": "5.7.24 and prior"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "8.0.13 and prior" "version_value": "8.0.13 and prior"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "lang": "eng",
}, "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20190118-0002/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20190118-0002/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "USN-3867-1", "description": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3867-1/" "lang": "eng",
}, "value": "Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
{ }
"name" : "106626", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/106626" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "106626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106626"
},
{
"name": "USN-3867-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3867-1/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190118-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190118-0002/"
}
]
}
}

34
2019/2xxx/CVE-2019-2663.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2663", "ID": "CVE-2019-2663",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3095.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3095", "ID": "CVE-2019-3095",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3416.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3416", "ID": "CVE-2019-3416",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3886.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3886", "ID": "CVE-2019-3886",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3971.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3971", "ID": "CVE-2019-3971",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/6xxx/CVE-2019-6251.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6251", "ID": "CVE-2019-6251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows address bar spoofing because a page load triggered by JavaScript leads to updating an address as if it were triggered by a safer visit type (e.g., VISIT_LINK, VISIT_TYPED, VISIT_BOOKMARK, or VISIT_HOMEPAGE). This is similar to the CVE-2018-8383 issue in Microsoft Edge."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gitlab.gnome.org/GNOME/epiphany/issues/532", "description_data": [
"refsource" : "MISC", {
"url" : "https://gitlab.gnome.org/GNOME/epiphany/issues/532" "lang": "eng",
} "value": "embed/ephy-web-view.c in GNOME Web (aka Epiphany) through 3.31.4 allows address bar spoofing because a page load triggered by JavaScript leads to updating an address as if it were triggered by a safer visit type (e.g., VISIT_LINK, VISIT_TYPED, VISIT_BOOKMARK, or VISIT_HOMEPAGE). This is similar to the CVE-2018-8383 issue in Microsoft Edge."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitlab.gnome.org/GNOME/epiphany/issues/532",
"refsource": "MISC",
"url": "https://gitlab.gnome.org/GNOME/epiphany/issues/532"
}
]
}
}

130
2019/6xxx/CVE-2019-6703.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6703", "ID": "CVE-2019-6703",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Incorrect access control in migla_ajax_functions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option values, leading to site takeover. These attackers can send requests to wp-admin/admin-ajax.php to call the miglaA_update_me action to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.wordfence.com/blog/2019/01/wordpress-sites-compromised-via-zero-day-vulnerabilities-in-total-donations-plugin/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.wordfence.com/blog/2019/01/wordpress-sites-compromised-via-zero-day-vulnerabilities-in-total-donations-plugin/" "lang": "eng",
}, "value": "Incorrect access control in migla_ajax_functions.php in the Calmar Webmedia Total Donations plugin through 2.0.5 for WordPress allows unauthenticated attackers to update arbitrary WordPress option values, leading to site takeover. These attackers can send requests to wp-admin/admin-ajax.php to call the miglaA_update_me action to change arbitrary options on affected sites. This can be used to enable new user registration and set the default role for new users to Administrator."
{ }
"name" : "https://wpvulndb.com/vulnerabilities/9208", ]
"refsource" : "MISC", },
"url" : "https://wpvulndb.com/vulnerabilities/9208" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wordfence.com/blog/2019/01/wordpress-sites-compromised-via-zero-day-vulnerabilities-in-total-donations-plugin/",
"refsource": "MISC",
"url": "https://www.wordfence.com/blog/2019/01/wordpress-sites-compromised-via-zero-day-vulnerabilities-in-total-donations-plugin/"
},
{
"name": "https://wpvulndb.com/vulnerabilities/9208",
"refsource": "MISC",
"url": "https://wpvulndb.com/vulnerabilities/9208"
}
]
}
}

34
2019/6xxx/CVE-2019-6740.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6740", "ID": "CVE-2019-6740",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6753.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6753", "ID": "CVE-2019-6753",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6835.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6835", "ID": "CVE-2019-6835",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7021.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7021", "ID": "CVE-2019-7021",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7023.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7023", "ID": "CVE-2019-7023",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7119.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7119", "ID": "CVE-2019-7119",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2019/7xxx/CVE-2019-7395.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7395", "ID": "CVE-2019-7395",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06" "lang": "eng",
}, "value": "In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c."
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/issues/1451", ]
"refsource" : "MISC", },
"url" : "https://github.com/ImageMagick/ImageMagick/issues/1451" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "106850", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106850" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/1451",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/issues/1451"
},
{
"name": "106850",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106850"
}
]
}
}

150
2019/7xxx/CVE-2019-7576.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7576", "ID": "CVE-2019-7576",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20190313 [SECURITY] [DLA 1713-1] libsdl1.2 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html" "lang": "eng",
}, "value": "SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop)."
{ }
"name" : "[debian-lts-announce] 20190313 [SECURITY] [DLA 1714-1] libsdl2 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.libsdl.org/show_bug.cgi?id=4490", "description": [
"refsource" : "MISC", {
"url" : "https://bugzilla.libsdl.org/show_bug.cgi?id=4490" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720", ]
"refsource" : "MISC", }
"url" : "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720" ]
} },
] "references": {
} "reference_data": [
} {
"name": "[debian-lts-announce] 20190313 [SECURITY] [DLA 1714-1] libsdl2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html"
},
{
"name": "https://bugzilla.libsdl.org/show_bug.cgi?id=4490",
"refsource": "MISC",
"url": "https://bugzilla.libsdl.org/show_bug.cgi?id=4490"
},
{
"name": "[debian-lts-announce] 20190313 [SECURITY] [DLA 1713-1] libsdl1.2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html"
},
{
"name": "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720",
"refsource": "MISC",
"url": "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720"
}
]
}
}

34
2019/8xxx/CVE-2019-8060.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8060", "ID": "CVE-2019-8060",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2019/8xxx/CVE-2019-8389.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8389", "ID": "CVE-2019-8389",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gist.github.com/shawarkhanethicalhacker/b98c5ac7491cf77732c793ecc468f465", "description_data": [
"refsource" : "MISC", {
"url" : "https://gist.github.com/shawarkhanethicalhacker/b98c5ac7491cf77732c793ecc468f465" "lang": "eng",
} "value": "A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file)."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gist.github.com/shawarkhanethicalhacker/b98c5ac7491cf77732c793ecc468f465",
"refsource": "MISC",
"url": "https://gist.github.com/shawarkhanethicalhacker/b98c5ac7491cf77732c793ecc468f465"
}
]
}
}

34
2019/8xxx/CVE-2019-8801.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8801", "ID": "CVE-2019-8801",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8815.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8815", "ID": "CVE-2019-8815",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8841.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8841", "ID": "CVE-2019-8841",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9788.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9788", "ID": "CVE-2019-9788",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }