admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:54:24 +00:00
parent b93ee42f22
commit 97a4ac4400
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
51 changed files with 2889 additions and 2889 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
1999/0xxx/CVE-1999-0322.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0322",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The open() function in FreeBSD allows local attackers to write to arbitrary files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "6092",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/6092"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The open() function in FreeBSD allows local attackers to write to arbitrary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6092",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6092"
}
]
}
}

128
1999/0xxx/CVE-1999-0756.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-0756",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "ASB99-07",
"refsource" : "ALLAIRE",
"url" : "http://www.allaire.com/handlers/index.cfm?ID=10968&Method=Full"
},
{
"name" : "coldfusion-admin-dos(2207)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2207"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ASB99-07",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/handlers/index.cfm?ID=10968&Method=Full"
},
{
"name": "coldfusion-admin-dos(2207)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2207"
}
]
}
}

138
1999/1xxx/CVE-1999-1519.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-1999-1519",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1519",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "19991117 Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=94286244700573&w=2"
},
{
"name" : "805",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/805"
},
{
"name" : "g6ftp-username-dos(3513)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3513"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "g6ftp-username-dos(3513)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3513"
},
{
"name": "19991117 Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=94286244700573&w=2"
},
{
"name": "805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/805"
}
]
}
}

158
2000/1xxx/CVE-2000-1208.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2000-1208",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20000925 Format strings: bug #1: BSD-lpr",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=96994604300675&w=2"
},
{
"name" : "RHSA-2000:066",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2000-066.html"
},
{
"name" : "20001004 Immunix OS Security Update for lpr",
"refsource" : "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/137555"
},
{
"name" : "lpr-checkremote-format-string(5286)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/5286.php"
},
{
"name" : "1711",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/1711"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000925 Format strings: bug #1: BSD-lpr",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=96994604300675&w=2"
},
{
"name": "lpr-checkremote-format-string(5286)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/5286.php"
},
{
"name": "1711",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1711"
},
{
"name": "20001004 Immunix OS Security Update for lpr",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/137555"
},
{
"name": "RHSA-2000:066",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-066.html"
}
]
}
}

188
2005/2xxx/CVE-2005-2071.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2071",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2071",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050624 Solaris 10 /usr/sbin/traceroute vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111963068714114&w=2"
},
{
"name" : "20050624 Re: Solaris 10 /usr/sbin/traceroute vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111964580023012&w=2"
},
{
"name" : "20050624 Re: [Full-disclosure] Solaris 10 /usr/sbin/traceroute vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111963809801731&w=2"
},
{
"name" : "102060",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102060-1"
},
{
"name" : "14049",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14049"
},
{
"name" : "ADV-2005-2564",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2564"
},
{
"name" : "1015261",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015261"
},
{
"name" : "17708",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17708"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050624 Re: Solaris 10 /usr/sbin/traceroute vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111964580023012&w=2"
},
{
"name": "20050624 Solaris 10 /usr/sbin/traceroute vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111963068714114&w=2"
},
{
"name": "20050624 Re: [Full-disclosure] Solaris 10 /usr/sbin/traceroute vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=111963809801731&w=2"
},
{
"name": "102060",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102060-1"
},
{
"name": "1015261",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015261"
},
{
"name": "ADV-2005-2564",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2564"
},
{
"name": "14049",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14049"
},
{
"name": "17708",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17708"
}
]
}
}

158
2005/2xxx/CVE-2005-2592.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2592",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en",
"refsource" : "MISC",
"url" : "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en"
},
{
"name" : "14562",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14562"
},
{
"name" : "18756",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/18756"
},
{
"name" : "16408",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/16408"
},
{
"name" : "mindalign-bypass-authentication(21838)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21838"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in Parlano MindAlign 5.0 and later versions allows remote attackers to bypass authentication via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "mindalign-bypass-authentication(21838)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21838"
},
{
"name": "18756",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/18756"
},
{
"name": "14562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14562"
},
{
"name": "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/br-20050812-00673.html?lang=en"
},
{
"name": "16408",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16408"
}
]
}
}

128
2005/2xxx/CVE-2005-2690.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2690",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2690",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050822 [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/408818"
},
{
"name" : "14636",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/14636"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Downloads module in PostNuke 0.760-RC4b allows PostNuke administrators to execute arbitrary SQL commands via the show parameter to dl-viewdownload.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "14636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14636"
},
{
"name": "20050822 [SECURITYREASON.COM] Multiple vulnerabilities in PostNuke 0.760-RC4b=>x cXIb8O3.15",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/408818"
}
]
}
}

138
2005/2xxx/CVE-2005-2881.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2881",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentication and gain unauthorized access via a direct request to the admin directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20050905 phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=112605610624004&w=2"
},
{
"name" : "http://rgod.altervista.org/phpccal.html",
"refsource" : "MISC",
"url" : "http://rgod.altervista.org/phpccal.html"
},
{
"name" : "phpcommunitycalendar-admin-bypass-security(22182)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22182"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "phpCommunityCalendar 4.0.3 allows remote attackers to bypass authentication and gain unauthorized access via a direct request to the admin directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050905 phpCommunityCalendar 4.0.3 (possibly prior versions) sql injection / login bypass / cross site scripting",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=112605610624004&w=2"
},
{
"name": "phpcommunitycalendar-admin-bypass-security(22182)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22182"
},
{
"name": "http://rgod.altervista.org/phpccal.html",
"refsource": "MISC",
"url": "http://rgod.altervista.org/phpccal.html"
}
]
}
}

268
2005/2xxx/CVE-2005-2978.json
View File

@ -1,137 +1,137 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-2978",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2005-2978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"name" : "DSA-878",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2005/dsa-878"
},
{
"name" : "GLSA-200510-18",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"name" : "RHSA-2005:793",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"name" : "SUSE-SR:2005:024",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"name" : "USN-210-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/210-1/"
},
{
"name" : "15128",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/15128"
},
{
"name" : "oval:org.mitre.oval:def:10135",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
},
{
"name" : "ADV-2005-2133",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2005/2133"
},
{
"name" : "1015071",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1015071"
},
{
"name" : "17357",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17357"
},
{
"name" : "17221",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17221"
},
{
"name" : "17222",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17222"
},
{
"name" : "17256",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17256"
},
{
"name" : "17265",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17265"
},
{
"name" : "17282",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/17282"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pnmtopng in netpbm before 10.25, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-210-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/210-1/"
},
{
"name": "1015071",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015071"
},
{
"name": "ADV-2005-2133",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2133"
},
{
"name": "17282",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17282"
},
{
"name": "DSA-878",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-878"
},
{
"name": "17221",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17221"
},
{
"name": "17357",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17357"
},
{
"name": "RHSA-2005:793",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-793.html"
},
{
"name": "17256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17256"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168278"
},
{
"name": "17265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17265"
},
{
"name": "17222",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17222"
},
{
"name": "SUSE-SR:2005:024",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
},
{
"name": "GLSA-200510-18",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200510-18.xml"
},
{
"name": "15128",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15128"
},
{
"name": "oval:org.mitre.oval:def:10135",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10135"
}
]
}
}

168
2007/1xxx/CVE-2007-1457.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-1457",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20070313 Unrarlib 0.4.0 (urarlib_get) Local buffer overflow",
"refsource" : "FULLDISC",
"url" : "http://marc.info/?l=full-disclosure&m=117392197607422&w=2"
},
{
"name" : "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup",
"refsource" : "MISC",
"url" : "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup"
},
{
"name" : "22942",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22942"
},
{
"name" : "ADV-2007-0961",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0961"
},
{
"name" : "34076",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/34076"
},
{
"name" : "24472",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24472"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the urarlib_get function in Christian Scheurer UniquE RAR File Library (unrarlib, aka URARFileLib) 0.4 allows context-dependent attackers to execute arbitrary code via a long (1) filename, (2) rarfile, or (3) libpassword argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup",
"refsource": "MISC",
"url": "http://unrarlib.svn.sourceforge.net/viewvc/unrarlib/tags/unrarlib040/unrarlib/unrarlib.c?revision=3&view=markup"
},
{
"name": "34076",
"refsource": "OSVDB",
"url": "http://osvdb.org/34076"
},
{
"name": "24472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24472"
},
{
"name": "22942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22942"
},
{
"name": "ADV-2007-0961",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0961"
},
{
"name": "20070313 Unrarlib 0.4.0 (urarlib_get) Local buffer overflow",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure&m=117392197607422&w=2"
}
]
}
}

158
2007/5xxx/CVE-2007-5154.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5154",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "JVN#70075625",
"refsource" : "JVN",
"url" : "http://jvn.jp/jp/JVN%2370075625/index.html"
},
{
"name" : "25843",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25843"
},
{
"name" : "41380",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/41380"
},
{
"name" : "27004",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27004"
},
{
"name" : "aipo-aipoasp-session-hijacking(36850)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36850"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#70075625",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2370075625/index.html"
},
{
"name": "41380",
"refsource": "OSVDB",
"url": "http://osvdb.org/41380"
},
{
"name": "aipo-aipoasp-session-hijacking(36850)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36850"
},
{
"name": "27004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27004"
},
{
"name": "25843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25843"
}
]
}
}

178
2007/5xxx/CVE-2007-5252.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2007-5252",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor statement, which is too vague to be sure that it is for this particular issue, says that only a denial of service is possible."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5252",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20071004 DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/481537/100/0/threaded"
},
{
"name" : "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang=",
"refsource" : "MISC",
"url" : "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang="
},
{
"name" : "25932",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/25932"
},
{
"name" : "1018774",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1018774"
},
{
"name" : "27082",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27082"
},
{
"name" : "3198",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/3198"
},
{
"name" : "netsupport-unspecified-dos(36963)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36963"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor statement, which is too vague to be sure that it is for this particular issue, says that only a denial of service is possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netsupport-unspecified-dos(36963)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36963"
},
{
"name": "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang=",
"refsource": "MISC",
"url": "http://www.netsupportsoftware.com/support/td.asp?td=545&Site=nsltd&Lang="
},
{
"name": "3198",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3198"
},
{
"name": "20071004 DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/481537/100/0/threaded"
},
{
"name": "25932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25932"
},
{
"name": "27082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27082"
},
{
"name": "1018774",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018774"
}
]
}
}

138
2009/2xxx/CVE-2009-2532.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2532",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka \"SMBv2 Command Value Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2009-2532",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS09-050",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-050"
},
{
"name" : "TA09-286A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
},
{
"name" : "oval:org.mitre.oval:def:6336",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6336"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka \"SMBv2 Command Value Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS09-050",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-050"
},
{
"name": "TA09-286A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html"
},
{
"name": "oval:org.mitre.oval:def:6336",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6336"
}
]
}
}

148
2009/2xxx/CVE-2009-2557.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2557",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20090715 Admin News Tools 2.5 Remote File Download Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/504949/100/0/threaded"
},
{
"name" : "9153",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9153"
},
{
"name" : "55856",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/55856"
},
{
"name" : "35842",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35842"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in system/download.php in Admin News Tools 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the fichier parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090715 Admin News Tools 2.5 Remote File Download Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504949/100/0/threaded"
},
{
"name": "9153",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9153"
},
{
"name": "35842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35842"
},
{
"name": "55856",
"refsource": "OSVDB",
"url": "http://osvdb.org/55856"
}
]
}
}

158
2009/2xxx/CVE-2009-2593.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2593",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "9129",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/9129"
},
{
"name" : "35637",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35637"
},
{
"name" : "55790",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/55790"
},
{
"name" : "35787",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35787"
},
{
"name" : "censura-itemid-sql-injection(51663)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51663"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in censura.php in Censura 1.16.04 allows remote attackers to execute arbitrary SQL commands via the itemid parameter in a details action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35787"
},
{
"name": "35637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35637"
},
{
"name": "censura-itemid-sql-injection(51663)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51663"
},
{
"name": "55790",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/55790"
},
{
"name": "9129",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9129"
}
]
}
}

32
2009/2xxx/CVE-2009-2728.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-2728",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2728",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

138
2015/0xxx/CVE-2015-0060.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0060",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka \"Windows Font Driver Denial of Service Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2015-0060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS15-010",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010"
},
{
"name" : "72472",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72472"
},
{
"name" : "ms-kmd-cve20150060-dos(100434)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100434"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka \"Windows Font Driver Denial of Service Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-010",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-010"
},
{
"name": "ms-kmd-cve20150060-dos(100434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100434"
},
{
"name": "72472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72472"
}
]
}
}

32
2015/0xxx/CVE-2015-0567.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-0567",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-0567",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2015/3xxx/CVE-2015-3016.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3016",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3016",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

148
2015/3xxx/CVE-2015-3342.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3342",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in the Ubercart Currency Conversion module before 6.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3342",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6"
},
{
"name" : "https://www.drupal.org/node/2407347",
"refsource" : "MISC",
"url" : "https://www.drupal.org/node/2407347"
},
{
"name" : "https://www.drupal.org/node/2407145",
"refsource" : "CONFIRM",
"url" : "https://www.drupal.org/node/2407145"
},
{
"name" : "72365",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/72365"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in the Ubercart Currency Conversion module before 6.x-1.2 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination query parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "72365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72365"
},
{
"name": "https://www.drupal.org/node/2407145",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/node/2407145"
},
{
"name": "https://www.drupal.org/node/2407347",
"refsource": "MISC",
"url": "https://www.drupal.org/node/2407347"
},
{
"name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/29/6"
}
]
}
}

168
2015/3xxx/CVE-2015-3902.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-3902",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-3902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php",
"refsource" : "CONFIRM",
"url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php"
},
{
"name" : "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83",
"refsource" : "CONFIRM",
"url" : "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83"
},
{
"name" : "DSA-3382",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3382"
},
{
"name" : "openSUSE-SU-2015:1191",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html"
},
{
"name" : "74657",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/74657"
},
{
"name" : "1032404",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032404"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:1191",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00008.html"
},
{
"name": "DSA-3382",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3382"
},
{
"name": "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83",
"refsource": "CONFIRM",
"url": "https://github.com/phpmyadmin/phpmyadmin/commit/ee92eb9bab8e2d546756c1d4aec81ec7c8e44b83"
},
{
"name": "1032404",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032404"
},
{
"name": "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php",
"refsource": "CONFIRM",
"url": "http://www.phpmyadmin.net/home_page/security/PMASA-2015-2.php"
},
{
"name": "74657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74657"
}
]
}
}

128
2015/4xxx/CVE-2015-4242.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4242",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20150707 Cisco FireSIGHT Management Center Cross-Site Request Forgery Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39643"
},
{
"name" : "1032806",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032806"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150707 Cisco FireSIGHT Management Center Cross-Site Request Forgery Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39643"
},
{
"name": "1032806",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032806"
}
]
}
}

248
2015/4xxx/CVE-2015-4588.json
View File

@ -1,127 +1,127 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4588",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted \"run-length count\" in an image in a WMF file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4588",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20150603 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/06/03/6"
},
{
"name" : "[oss-security] 20150615 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/06/16/4"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1227243",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1227243"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name" : "DSA-3302",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3302"
},
{
"name" : "FEDORA-2015-9674",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html"
},
{
"name" : "GLSA-201602-03",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201602-03"
},
{
"name" : "RHSA-2015:1917",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1917.html"
},
{
"name" : "openSUSE-SU-2015:1132",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html"
},
{
"name" : "openSUSE-SU-2015:1134",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html"
},
{
"name" : "openSUSE-SU-2015:1212",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html"
},
{
"name" : "USN-2670-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2670-1"
},
{
"name" : "75230",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/75230"
},
{
"name" : "1032771",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1032771"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted \"run-length count\" in an image in a WMF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3302",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3302"
},
{
"name": "[oss-security] 20150603 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/03/6"
},
{
"name": "openSUSE-SU-2015:1132",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00051.html"
},
{
"name": "GLSA-201602-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201602-03"
},
{
"name": "FEDORA-2015-9674",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160668.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "USN-2670-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2670-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1227243",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1227243"
},
{
"name": "openSUSE-SU-2015:1134",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00053.html"
},
{
"name": "[oss-security] 20150615 Re: CVE-2015-0848 - Heap overflow on libwmf0.2-7",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/16/4"
},
{
"name": "75230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75230"
},
{
"name": "1032771",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032771"
},
{
"name": "openSUSE-SU-2015:1212",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00018.html"
},
{
"name": "RHSA-2015:1917",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1917.html"
}
]
}
}

128
2015/4xxx/CVE-2015-4762.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4762",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Online patching."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "1033877",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033877"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 and 12.2.4 allows remote authenticated users to affect confidentiality via unknown vectors related to Online patching."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033877",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033877"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
}
]
}
}

128
2015/4xxx/CVE-2015-4799.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-4799",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.1, and 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2015-4799",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name" : "1033898",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1033898"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.1, and 11.1.1.8.0 allows remote attackers to affect integrity via unknown vectors related to Security."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1033898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033898"
}
]
}
}

128
2015/8xxx/CVE-2015-8084.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8084",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when \"DHCP Snooping\" is enabled and either \"option82 insert\" or \"option82 rebuild\" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm",
"refsource" : "CONFIRM",
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm"
},
{
"name" : "77300",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/77300"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when \"DHCP Snooping\" is enabled and either \"option82 insert\" or \"option82 rebuild\" is enabled on an interface, allow remote attackers to cause a denial of service (reboot) via crafted DHCP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-457916.htm"
},
{
"name": "77300",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77300"
}
]
}
}

32
2015/8xxx/CVE-2015-8493.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8493",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-8493",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

148
2015/8xxx/CVE-2015-8577.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8577",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8577",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations",
"refsource" : "MISC",
"url" : "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations"
},
{
"name" : "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/",
"refsource" : "MISC",
"url" : "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/"
},
{
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10142",
"refsource" : "CONFIRM",
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10142"
},
{
"name" : "78810",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/78810"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/78810"
},
{
"name": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/",
"refsource": "MISC",
"url": "http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/"
},
{
"name": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations",
"refsource": "MISC",
"url": "http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10142",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10142"
}
]
}
}

158
2015/8xxx/CVE-2015-8742.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8742",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8742",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-60.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-60.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d"
},
{
"name" : "GLSA-201604-05",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201604-05"
},
{
"name" : "1034551",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1034551"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d48b0eff28c995947ac3f8d842ddd9b50dd5798d"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-60.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-60.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11931"
},
{
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
}
]
}
}

32
2015/8xxx/CVE-2015-8908.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8908",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2015-8908",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
}
]
}
}

130
2015/9xxx/CVE-2015-9184.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00",
"ID" : "CVE-2015-9184",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : {
"version_data" : [
{
"version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835"
}
]
}
}
]
},
"vendor_name" : "Qualcomm, Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of length checking in wv_dash_core_load_keys_v8() could lead to a buffer overflow vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Buffer over-read vulnerability in QTEE"
}
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2018-04-02T00:00:00",
"ID": "CVE-2015-9184",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version": {
"version_data": [
{
"version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2018-04-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name" : "103671",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103671"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of length checking in wv_dash_core_load_keys_v8() could lead to a buffer overflow vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer over-read vulnerability in QTEE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

128
2016/1xxx/CVE-2016-1064.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-1064",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
},
{
"name" : "1035828",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1035828"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035828"
},
{
"name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html"
}
]
}
}

168
2016/5xxx/CVE-2016-5761.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-5761",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"ID": "CVE-2016-5761",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/539296/100/0/threaded"
},
{
"name" : "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise",
"refsource" : "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2016/Aug/123"
},
{
"name" : "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html",
"refsource" : "MISC",
"url" : "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html"
},
{
"name" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt",
"refsource" : "MISC",
"url" : "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt"
},
{
"name" : "https://www.novell.com/support/kb/doc.php?id=7017974",
"refsource" : "CONFIRM",
"url" : "https://www.novell.com/support/kb/doc.php?id=7017974"
},
{
"name" : "92645",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/92645"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/138503/Micro-Focus-GroupWise-Cross-Site-Scripting-Overflows.html"
},
{
"name": "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/539296/100/0/threaded"
},
{
"name": "92645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92645"
},
{
"name": "20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Aug/123"
},
{
"name": "https://www.novell.com/support/kb/doc.php?id=7017974",
"refsource": "CONFIRM",
"url": "https://www.novell.com/support/kb/doc.php?id=7017974"
},
{
"name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt",
"refsource": "MISC",
"url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20160825-0_Micro_Focus_GroupWise_Multiple_vulnerabilities_v10.txt"
}
]
}
}

32
2018/2xxx/CVE-2018-2140.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2140",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2140",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

32
2018/2xxx/CVE-2018-2194.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-2194",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-2194",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none."
}
]
}
}

180
2018/2xxx/CVE-2018-2405.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2405",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Solution Manager",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.10"
},
{
"version_affected" : "=",
"version_value" : "7.20"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting."
}
]
},
"impact" : {
"cvss" : {
"attackComplexity" : "LOW",
"attackVector" : "NETWORK",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"privilegesRequired" : "LOW",
"scope" : "CHANGED",
"userInteraction" : "REQUIRED",
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version" : "3.0"
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Solution Manager",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.10"
},
{
"version_affected": "=",
"version_value": "7.20"
}
]
}
}
]
},
"vendor_name": "SAP SE"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://launchpad.support.sap.com/#/notes/2372688",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2372688"
},
{
"name" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/",
"refsource" : "CONFIRM",
"url" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/"
},
{
"name" : "103703",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103703"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103703",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103703"
},
{
"name": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2372688",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2372688"
}
]
}
}

146
2018/2xxx/CVE-2018-2466.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2466",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Data Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "4.2"
}
]
}
}
]
},
"vendor_name" : "SAP"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Data Services",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.2"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://launchpad.support.sap.com/#/notes/2618337",
"refsource" : "MISC",
"url" : "https://launchpad.support.sap.com/#/notes/2618337"
},
{
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095",
"refsource" : "CONFIRM",
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"name" : "105529",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105529"
}
]
},
"source" : {
"discovery" : "UNKNOWN"
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2618337",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2618337"
},
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095",
"refsource": "CONFIRM",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=500633095"
},
{
"name": "105529",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105529"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

180
2018/2xxx/CVE-2018-2810.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secalert_us@oracle.com",
"ID" : "CVE-2018-2810",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "MySQL Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "5.7.21 and prior"
}
]
}
}
]
},
"vendor_name" : "Oracle Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2810",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MySQL Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.7.21 and prior"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name" : "https://security.netapp.com/advisory/ntap-20180419-0002/",
"refsource" : "CONFIRM",
"url" : "https://security.netapp.com/advisory/ntap-20180419-0002/"
},
{
"name" : "RHSA-2018:3655",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3655"
},
{
"name" : "USN-3629-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3629-1/"
},
{
"name" : "USN-3629-3",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/3629-3/"
},
{
"name" : "103783",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103783"
},
{
"name" : "1040698",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1040698"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040698",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040698"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180419-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180419-0002/"
},
{
"name": "RHSA-2018:3655",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3655"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "103783",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103783"
},
{
"name": "USN-3629-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-1/"
},
{
"name": "USN-3629-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3629-3/"
}
]
}
}

32
2018/6xxx/CVE-2018-6688.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6688",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6688",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

150
2018/6xxx/CVE-2018-6971.json
View File

@ -1,78 +1,78 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@vmware.com",
"DATE_PUBLIC" : "2018-07-19T00:00:00",
"ID" : "CVE-2018-6971",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Horizon View Agent",
"version" : {
"version_data" : [
{
"version_value" : "7.x.x before 7.5.1"
}
]
}
}
]
},
"vendor_name" : "VMware"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Local information disclosure vulnerability"
}
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2018-07-19T00:00:00",
"ID": "CVE-2018-6971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Horizon View Agent",
"version": {
"version_data": [
{
"version_value": "7.x.x before 7.5.1"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.vmware.com/security/advisories/VMSA-2018-0018.html",
"refsource" : "CONFIRM",
"url" : "https://www.vmware.com/security/advisories/VMSA-2018-0018.html"
},
{
"name" : "104883",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104883"
},
{
"name" : "1041357",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041357"
},
{
"name" : "1041358",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1041358"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1041357",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041357"
},
{
"name": "104883",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104883"
},
{
"name": "1041358",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041358"
},
{
"name": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html"
}
]
}
}

32
2019/0xxx/CVE-2019-0467.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0467",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0467",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/0xxx/CVE-2019-0487.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0487",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0487",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/0xxx/CVE-2019-0679.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0679",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0679",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/0xxx/CVE-2019-0817.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-0817",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0817",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/1xxx/CVE-2019-1001.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1001",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1001",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/1xxx/CVE-2019-1145.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1145",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1145",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/1xxx/CVE-2019-1270.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1270",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1270",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/1xxx/CVE-2019-1419.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-1419",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-1419",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2019/5xxx/CVE-2019-5288.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5288",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5288",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

128
2019/5xxx/CVE-2019-5884.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5884",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5884",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316",
"refsource" : "MISC",
"url" : "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316"
},
{
"name" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.45",
"refsource" : "MISC",
"url" : "https://github.com/Studio-42/elFinder/releases/tag/2.1.45"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "php/elFinder.class.php in elFinder before 2.1.45 leaks information if PHP's curl extension is enabled and safe_mode or open_basedir is not set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Studio-42/elFinder/releases/tag/2.1.45",
"refsource": "MISC",
"url": "https://github.com/Studio-42/elFinder/releases/tag/2.1.45"
},
{
"name": "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316",
"refsource": "MISC",
"url": "https://github.com/Studio-42/elFinder/commit/f133163f2d754584de65d718b2fde96191557316"
}
]
}
}

32
2019/5xxx/CVE-2019-5988.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2019-5988",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-5988",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}