admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 07:06:31 +00:00
parent eb3d00d11f
commit 9e527d1afe
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
61 changed files with 3507 additions and 3507 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

260
2007/0xxx/CVE-2007-0044.json
View File

@ -1,132 +1,132 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0044", "ID": "CVE-2007-0044",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka \"Universal CSRF and session riding.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455801/100/0/threaded" "lang": "eng",
}, "value": "Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character, aka \"Universal CSRF and session riding.\""
{ }
"name" : "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf", ]
"refsource" : "MISC", },
"url" : "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.wisec.it/vulns.php?page=9", "description": [
"refsource" : "MISC", {
"url" : "http://www.wisec.it/vulns.php?page=9" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-200701-16", ]
"refsource" : "GENTOO", }
"url" : "http://security.gentoo.org/glsa/glsa-200701-16.xml" ]
}, },
{ "references": {
"name" : "RHSA-2008:0144", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0144.html" "name": "21858",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21858"
"name" : "SUSE-SA:2007:011", },
"refsource" : "SUSE", {
"url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html" "name": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf",
}, "refsource": "MISC",
{ "url": "http://events.ccc.de/congress/2006/Fahrplan/attachments/1158-Subverting_Ajax.pdf"
"name" : "21858", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21858" "name": "23882",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23882"
"name" : "oval:org.mitre.oval:def:10042", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042" "name": "20070103 Adobe Acrobat Reader Plugin - Multiple Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455801/100/0/threaded"
"name" : "ADV-2007-0032", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0032" "name": "ADV-2007-0032",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0032"
"name" : "1017469", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017469" "name": "2090",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2090"
"name" : "23812", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23812" "name": "SUSE-SA:2007:011",
}, "refsource": "SUSE",
{ "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html"
"name" : "23882", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23882" "name": "23812",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23812"
"name" : "29065", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29065" "name": "1017469",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017469"
"name" : "2090", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2090" "name": "oval:org.mitre.oval:def:10042",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10042"
"name" : "adobe-acrobat-pdf-csrf(31266)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31266" "name": "adobe-acrobat-pdf-csrf(31266)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31266"
} },
} {
"name": "29065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29065"
},
{
"name": "GLSA-200701-16",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200701-16.xml"
},
{
"name": "RHSA-2008:0144",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0144.html"
},
{
"name": "http://www.wisec.it/vulns.php?page=9",
"refsource": "MISC",
"url": "http://www.wisec.it/vulns.php?page=9"
}
]
}
}

230
2007/0xxx/CVE-2007-0056.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0056", "ID": "CVE-2007-0056",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop/catalogue.php, the (3) searchstring parameter to (c) ashop/search.php, the (4) checkout and (5) action parameters to (d) ashop/shipping.php, the cat parameter to (f) cart-path/admin/editcatalogue.php, and the (7) resultpage parameter to (g) cart-path/admin/salesadmin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070101 AShop Shopping Cart Multiple XSS Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/455629/100/0/threaded" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) ashop/catalogue.php and (b) ashop/basket.php, the (2) exp parameter to ashop/catalogue.php, the (3) searchstring parameter to (c) ashop/search.php, the (4) checkout and (5) action parameters to (d) ashop/shipping.php, the cat parameter to (f) cart-path/admin/editcatalogue.php, and the (7) resultpage parameter to (g) cart-path/admin/salesadmin.php."
{ }
"name" : "21845", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21845" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2007-0028", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/0028" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "32553", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/32553" ]
}, },
{ "references": {
"name" : "32554", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32554" "name": "23547",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23547"
"name" : "32555", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32555" "name": "20070101 AShop Shopping Cart Multiple XSS Vulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/455629/100/0/threaded"
"name" : "32556", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32556" "name": "21845",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/21845"
"name" : "32557", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32557" "name": "2091",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/2091"
"name" : "32558", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/32558" "name": "32553",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32553"
"name" : "23547", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23547" "name": "32556",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32556"
"name" : "2091", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/2091" "name": "32554",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/32554"
"name" : "ashop-multiple-scripts-xss(31178)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31178" "name": "32558",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/32558"
} },
} {
"name": "ashop-multiple-scripts-xss(31178)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31178"
},
{
"name": "32555",
"refsource": "OSVDB",
"url": "http://osvdb.org/32555"
},
{
"name": "32557",
"refsource": "OSVDB",
"url": "http://osvdb.org/32557"
},
{
"name": "ADV-2007-0028",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0028"
}
]
}
}

140
2007/0xxx/CVE-2007-0644.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0644", "ID": "CVE-2007-0644",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.digitalmunition.com/MOAB-30-01-2007.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.digitalmunition.com/MOAB-30-01-2007.html" "lang": "eng",
}, "value": "Format string vulnerability in Apple Safari 2.0.4 (419.3) allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in filenames that are not properly handled when calling the (1) NSLog and (2) NSBeginAlertSheet Apple AppKit functions."
{ }
"name" : "22326", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/22326" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32710", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/32710" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "22326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22326"
},
{
"name": "32710",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/32710"
},
{
"name": "http://www.digitalmunition.com/MOAB-30-01-2007.html",
"refsource": "MISC",
"url": "http://www.digitalmunition.com/MOAB-30-01-2007.html"
}
]
}
}

210
2007/0xxx/CVE-2007-0803.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0803", "ID": "CVE-2007-0803",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to (1) \"print floats\" and (2) a missing null termination in the \"rope constructor.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=483468", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=483468" "lang": "eng",
}, "value": "Multiple buffer overflows in STLport before 5.0.3 allow remote attackers to execute arbitrary code via unspecified vectors relating to (1) \"print floats\" and (2) a missing null termination in the \"rope constructor.\""
{ }
"name" : "GLSA-200703-07", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-200703-07.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22423", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22423" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0498", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0498" ]
}, },
{ "references": {
"name" : "33106", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33106" "name": "22423",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/22423"
"name" : "33107", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33107" "name": "stlport-rope-constructors-bo(32244)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32244"
"name" : "24024", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24024" "name": "http://sourceforge.net/project/shownotes.php?release_id=483468",
}, "refsource": "CONFIRM",
{ "url": "http://sourceforge.net/project/shownotes.php?release_id=483468"
"name" : "24428", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24428" "name": "24024",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/24024"
"name" : "stlport-printed-floats-bo(32242)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32242" "name": "stlport-printed-floats-bo(32242)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32242"
"name" : "stlport-rope-constructors-bo(32244)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32244" "name": "33106",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/33106"
} },
} {
"name": "ADV-2007-0498",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0498"
},
{
"name": "GLSA-200703-07",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200703-07.xml"
},
{
"name": "33107",
"refsource": "OSVDB",
"url": "http://osvdb.org/33107"
},
{
"name": "24428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24428"
}
]
}
}

180
2007/0xxx/CVE-2007-0827.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-0827", "ID": "CVE-2007-0827",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070207 Alibaba Alipay Remote Code Execute Vulnerability-0DAY", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052250.html" "lang": "eng",
}, "value": "The Alibaba Alipay PTA Module ActiveX control (PTA.DLL) allows remote attackers to execute arbitrary code via a JavaScript function that invokes the Remove method with an invalid index argument, which is used as an offset for a function call."
{ }
"name" : "3279", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/3279" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "22446", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/22446" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-0520", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/0520" ]
}, },
{ "references": {
"name" : "33123", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/33123" "name": "ADV-2007-0520",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/0520"
"name" : "24063", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/24063" "name": "20070207 Alibaba Alipay Remote Code Execute Vulnerability-0DAY",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052250.html"
"name" : "alipay-activex-code-execution(32367)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32367" "name": "24063",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/24063"
} },
} {
"name": "alipay-activex-code-execution(32367)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32367"
},
{
"name": "22446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22446"
},
{
"name": "33123",
"refsource": "OSVDB",
"url": "http://osvdb.org/33123"
},
{
"name": "3279",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3279"
}
]
}
}

150
2007/3xxx/CVE-2007-3465.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3465", "ID": "CVE-2007-3465",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, has a certain default password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070626 Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery Attack Against Check Point Safe@Office Device", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/472290/100/0/threaded" "lang": "eng",
}, "value": "Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, has a certain default password."
{ }
"name" : "http://labs.calyptix.com/CX-2007-04.php", ]
"refsource" : "MISC", },
"url" : "http://labs.calyptix.com/CX-2007-04.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://labs.calyptix.com/CX-2007-04.txt", "description": [
"refsource" : "MISC", {
"url" : "http://labs.calyptix.com/CX-2007-04.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "41433", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/41433" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://labs.calyptix.com/CX-2007-04.php",
"refsource": "MISC",
"url": "http://labs.calyptix.com/CX-2007-04.php"
},
{
"name": "http://labs.calyptix.com/CX-2007-04.txt",
"refsource": "MISC",
"url": "http://labs.calyptix.com/CX-2007-04.txt"
},
{
"name": "41433",
"refsource": "OSVDB",
"url": "http://osvdb.org/41433"
},
{
"name": "20070626 Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery Attack Against Check Point Safe@Office Device",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/472290/100/0/threaded"
}
]
}
}

180
2007/3xxx/CVE-2007-3510.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3510", "ID": "CVE-2007-3510",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071023 IBM Lotus Domino IMAP Buffer Overflow Vulnerability", "description_data": [
"refsource" : "IDEFENSE", {
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=605" "lang": "eng",
}, "value": "Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name."
{ }
"name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21270623", ]
"refsource" : "CONFIRM", },
"url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21270623" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "26176", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/26176" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-3598", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/3598" ]
}, },
{ "references": {
"name" : "1018854", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018854" "name": "domino-imap-bo(37365)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37365"
"name" : "27321", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27321" "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21270623",
}, "refsource": "CONFIRM",
{ "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21270623"
"name" : "domino-imap-bo(37365)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37365" "name": "ADV-2007-3598",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2007/3598"
} },
} {
"name": "20071023 IBM Lotus Domino IMAP Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=605"
},
{
"name": "26176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26176"
},
{
"name": "27321",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27321"
},
{
"name": "1018854",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018854"
}
]
}
}

150
2007/3xxx/CVE-2007-3773.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-3773", "ID": "CVE-2007-3773",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clone Script allows remote attackers to upload files with arbitrary file types to templates/emails/ as administrators."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070706 Another You tube clone script vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/473192/100/0/threaded" "lang": "eng",
}, "value": "Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clone Script allows remote attackers to upload files with arbitrary file types to templates/emails/ as administrators."
{ }
"name" : "http://chxsecurity.org/advisories/adv-2-mid.txt", ]
"refsource" : "MISC", },
"url" : "http://chxsecurity.org/advisories/adv-2-mid.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "38692", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/38692" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2896", ]
"refsource" : "SREASON", }
"url" : "http://securityreason.com/securityalert/2896" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://chxsecurity.org/advisories/adv-2-mid.txt",
"refsource": "MISC",
"url": "http://chxsecurity.org/advisories/adv-2-mid.txt"
},
{
"name": "20070706 Another You tube clone script vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/473192/100/0/threaded"
},
{
"name": "38692",
"refsource": "OSVDB",
"url": "http://osvdb.org/38692"
},
{
"name": "2896",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2896"
}
]
}
}

180
2007/4xxx/CVE-2007-4231.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4231", "ID": "CVE-2007-4231",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in order/login.php in IDevSpot PhpHostBot 1.06 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the svr_rootscript parameter, a different vector than CVE-2007-4094 and CVE-2006-3776."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "4267", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/4267" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in order/login.php in IDevSpot PhpHostBot 1.06 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the svr_rootscript parameter, a different vector than CVE-2007-4094 and CVE-2006-3776."
{ }
"name" : "http://advisories.echo.or.id/adv/adv83-K-159-2007.txt", ]
"refsource" : "MISC", },
"url" : "http://advisories.echo.or.id/adv/adv83-K-159-2007.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25221", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25221" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-2811", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/2811" ]
}, },
{ "references": {
"name" : "36296", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/36296" "name": "26356",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/26356"
"name" : "26356", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26356" "name": "phphostbot-login-file-include(35834)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35834"
"name" : "phphostbot-login-file-include(35834)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35834" "name": "36296",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/36296"
} },
} {
"name": "ADV-2007-2811",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2811"
},
{
"name": "http://advisories.echo.or.id/adv/adv83-K-159-2007.txt",
"refsource": "MISC",
"url": "http://advisories.echo.or.id/adv/adv83-K-159-2007.txt"
},
{
"name": "4267",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4267"
},
{
"name": "25221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25221"
}
]
}
}

150
2007/4xxx/CVE-2007-4458.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4458", "ID": "CVE-2007-4458",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in includes/class/class_tpl.php in Firesoft allows remote attackers to execute arbitrary PHP code via a URL in the cache_file parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070819 Firesoft Remote File Inclusion", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/477243/100/0/threaded" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in includes/class/class_tpl.php in Firesoft allows remote attackers to execute arbitrary PHP code via a URL in the cache_file parameter."
{ }
"name" : "25366", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/25366" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "37699", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37699" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "firesoft-classtpl-file-include(36143)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36143" ]
} },
] "references": {
} "reference_data": [
} {
"name": "37699",
"refsource": "OSVDB",
"url": "http://osvdb.org/37699"
},
{
"name": "25366",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25366"
},
{
"name": "20070819 Firesoft Remote File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/477243/100/0/threaded"
},
{
"name": "firesoft-classtpl-file-include(36143)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36143"
}
]
}
}

180
2007/4xxx/CVE-2007-4479.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4479", "ID": "CVE-2007-4479",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in search.html in Search Engine Builder allows remote attackers to inject arbitrary web script or HTML via the searWords parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20070821 Vulnerabilities digest", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/477253/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in search.html in Search Engine Builder allows remote attackers to inject arbitrary web script or HTML via the searWords parameter."
{ }
"name" : "http://securityvulns.ru/Rdocument843.html", ]
"refsource" : "MISC", },
"url" : "http://securityvulns.ru/Rdocument843.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://websecurity.com.ua/1159/", "description": [
"refsource" : "MISC", {
"url" : "http://websecurity.com.ua/1159/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "25391", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/25391" ]
}, },
{ "references": {
"name" : "37097", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/37097" "name": "http://securityvulns.ru/Rdocument843.html",
}, "refsource": "MISC",
{ "url": "http://securityvulns.ru/Rdocument843.html"
"name" : "26560", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/26560" "name": "20070821 Vulnerabilities digest",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/477253/100/0/threaded"
"name" : "searchenginebuilder-search-xss(36149)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36149" "name": "25391",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/25391"
} },
} {
"name": "http://websecurity.com.ua/1159/",
"refsource": "MISC",
"url": "http://websecurity.com.ua/1159/"
},
{
"name": "37097",
"refsource": "OSVDB",
"url": "http://osvdb.org/37097"
},
{
"name": "26560",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26560"
},
{
"name": "searchenginebuilder-search-xss(36149)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36149"
}
]
}
}

150
2007/4xxx/CVE-2007-4882.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-4882", "ID": "CVE-2007-4882",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in TechExcel CustomerWise (formerly TechExcel CRM) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/11/Premiere-faille-publiee-de-lannee", "description_data": [
"refsource" : "MISC", {
"url" : "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/11/Premiere-faille-publiee-de-lannee" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in TechExcel CustomerWise (formerly TechExcel CRM) allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/12/Decouverte-de-vulnerabilite-publication-et-patch", ]
"refsource" : "MISC", },
"url" : "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/12/Decouverte-de-vulnerabilite-publication-et-patch" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25624", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/25624" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "37083", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/37083" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/12/Decouverte-de-vulnerabilite-publication-et-patch",
"refsource": "MISC",
"url": "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/12/Decouverte-de-vulnerabilite-publication-et-patch"
},
{
"name": "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/11/Premiere-faille-publiee-de-lannee",
"refsource": "MISC",
"url": "http://arquilliere.blog.rhonealpesjob.com/index.php/post/2007/09/11/Premiere-faille-publiee-de-lannee"
},
{
"name": "37083",
"refsource": "OSVDB",
"url": "http://osvdb.org/37083"
},
{
"name": "25624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25624"
}
]
}
}

34
2007/6xxx/CVE-2007-6034.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2007-6034", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2007-6034",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6062. Reason: This candidate is a duplicate of CVE-2007-6062. Notes: All CVE users should reference CVE-2007-6062 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6062. Reason: This candidate is a duplicate of CVE-2007-6062. Notes: All CVE users should reference CVE-2007-6062 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

180
2007/6xxx/CVE-2007-6189.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6189", "ID": "CVE-2007-6189",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a \"%%\" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20071120 EEYE: BitDefender Online Scanner 8 Double Decode Heap Overflow", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/483986/100/100/threaded" "lang": "eng",
}, "value": "A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a \"%%\" sequence, which is misinterpreted as a Unicode string and decoded twice, leading to improper memory allocation and a heap-based buffer overflow."
{ }
"name" : "4663", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/4663" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://research.eeye.com/html/advisories/published/AD20071120.html", "description": [
"refsource" : "MISC", {
"url" : "http://research.eeye.com/html/advisories/published/AD20071120.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2007-3935", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2007/3935" ]
}, },
{ "references": {
"name" : "1018986", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1018986" "name": "1018986",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1018986"
"name" : "27717", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27717" "name": "http://research.eeye.com/html/advisories/published/AD20071120.html",
}, "refsource": "MISC",
{ "url": "http://research.eeye.com/html/advisories/published/AD20071120.html"
"name" : "3405", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/3405" "name": "3405",
} "refsource": "SREASON",
] "url": "http://securityreason.com/securityalert/3405"
} },
} {
"name": "ADV-2007-3935",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3935"
},
{
"name": "27717",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27717"
},
{
"name": "4663",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4663"
},
{
"name": "20071120 EEYE: BitDefender Online Scanner 8 Double Decode Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/483986/100/100/threaded"
}
]
}
}

130
2014/100xxx/CVE-2014-100039.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-100039", "ID": "CVE-2014-100039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.malwarebytes.org/support/releasehistory/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.malwarebytes.org/support/releasehistory/" "lang": "eng",
}, "value": "mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service (crash) via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third party information."
{ }
"name" : "114249", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/114249" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "114249",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/114249"
},
{
"name": "https://www.malwarebytes.org/support/releasehistory/",
"refsource": "CONFIRM",
"url": "https://www.malwarebytes.org/support/releasehistory/"
}
]
}
}

230
2014/5xxx/CVE-2014-5008.json
View File

@ -1,117 +1,117 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5008", "ID": "CVE-2014-5008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Snoopy allows remote attackers to execute arbitrary commands."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/07/16/10" "lang": "eng",
}, "value": "Snoopy allows remote attackers to execute arbitrary commands."
{ }
"name" : "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2014/07/18/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20161221 Re: Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/12/21/8" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264", ]
"refsource" : "MISC", }
"url" : "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264" ]
}, },
{ "references": {
"name" : "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28" "name": "68419",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/68419"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1121497", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1121497" "name": "[oss-security] 20140718 Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/07/18/2"
"name" : "DSA-3248", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3248" "name": "DSA-3248",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3248"
"name" : "RHSA-2017:0211", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0211.html" "name": "[oss-security] 20140716 Re: Re: CVE request - Snoopy incomplete fix for CVE-2008-4796",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/07/16/10"
"name" : "RHSA-2017:0212", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0212.html" "name": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264",
}, "refsource": "MISC",
{ "url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024264"
"name" : "RHSA-2017:0213", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0213.html" "name": "RHSA-2017:0212",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0212.html"
"name" : "RHSA-2017:0214", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0214.html" "name": "RHSA-2017:0213",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0213.html"
"name" : "68419", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68419" "name": "[oss-security] 20161221 Re: Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565]",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2016/12/21/8"
} },
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121497"
},
{
"name": "RHSA-2017:0214",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0214.html"
},
{
"name": "RHSA-2017:0211",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0211.html"
},
{
"name": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28",
"refsource": "CONFIRM",
"url": "http://snoopy.cvs.sourceforge.net/viewvc/snoopy/Snoopy/Snoopy.class.php?view=log#rev1.28"
}
]
}
}

330
2014/5xxx/CVE-2014-5077.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-5077", "ID": "CVE-2014-5077",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140725 Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2014/07/26/1" "lang": "eng",
}, "value": "The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction."
{ }
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1be9a950c646c9092fb3618197f7b6bfb50e82aa", ]
"refsource" : "CONFIRM", },
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1be9a950c646c9092fb3618197f7b6bfb50e82aa" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1122982", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1122982" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa", ]
"refsource" : "CONFIRM", }
"url" : "https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa" ]
}, },
{ "references": {
"name" : "RHSA-2014:1083", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1083.html" "name": "60545",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60545"
"name" : "RHSA-2014:1668", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1668.html" "name": "62563",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/62563"
"name" : "RHSA-2014:1763", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1763.html" "name": "SUSE-SU-2014:1316",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html"
"name" : "SUSE-SU-2014:1316", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1be9a950c646c9092fb3618197f7b6bfb50e82aa",
}, "refsource": "CONFIRM",
{ "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1be9a950c646c9092fb3618197f7b6bfb50e82aa"
"name" : "SUSE-SU-2014:1319", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html" "name": "USN-2335-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2335-1"
"name" : "USN-2334-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2334-1" "name": "USN-2334-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2334-1"
"name" : "USN-2335-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2335-1" "name": "60430",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60430"
"name" : "USN-2358-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2358-1" "name": "SUSE-SU-2014:1319",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00007.html"
"name" : "USN-2359-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2359-1" "name": "60564",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/60564"
"name" : "68881", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/68881" "name": "RHSA-2014:1083",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1083.html"
"name" : "1030681", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030681" "name": "[oss-security] 20140725 Re: CVE request Linux Kernel: net: SCTP: NULL pointer dereference",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2014/07/26/1"
"name" : "59777", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59777" "name": "USN-2359-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2359-1"
"name" : "60564", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60564" "name": "RHSA-2014:1763",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1763.html"
"name" : "60744", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60744" "name": "59777",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59777"
"name" : "62563", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/62563" "name": "RHSA-2014:1668",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2014-1668.html"
"name" : "60430", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60430" "name": "linux-kernel-cve20145077-dos(95134)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95134"
"name" : "60545", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/60545" "name": "1030681",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1030681"
"name" : "linux-kernel-cve20145077-dos(95134)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95134" "name": "USN-2358-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-2358-1"
} },
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1122982",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1122982"
},
{
"name": "https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa"
},
{
"name": "60744",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60744"
},
{
"name": "68881",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68881"
}
]
}
}

34
2014/5xxx/CVE-2014-5513.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-5513", "ID": "CVE-2014-5513",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2014/5xxx/CVE-2014-5787.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-5787", "ID": "CVE-2014-5787",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Ninja Chicken (aka mominis.Generic_Android.Ninja_Chicken) application 1.7.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Ninja Chicken (aka mominis.Generic_Android.Ninja_Chicken) application 1.7.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#752689", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/752689" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#752689",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/752689"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2015/2xxx/CVE-2015-2243.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-2243", "ID": "CVE-2015-2243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Webshop hun 1.062S allows remote attackers to have unspecified impact via directory traversal sequences in the mappa parameter to index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150305 Webshop hun v1.062S Directory Traversal Security Vulnerabilities", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2015/Mar/26" "lang": "eng",
}, "value": "Directory traversal vulnerability in Webshop hun 1.062S allows remote attackers to have unspecified impact via directory traversal sequences in the mappa parameter to index.php."
{ }
"name" : "http://packetstormsecurity.com/files/130653/Webshop-Hun-1.062S-Directory-Traversal.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/130653/Webshop-Hun-1.062S-Directory-Traversal.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://tetraph.com/security/directory-traversal-vulnerability/webshop-hun-v1-062s-directory-traversal-security-vulnerabilities/", "description": [
"refsource" : "MISC", {
"url" : "http://tetraph.com/security/directory-traversal-vulnerability/webshop-hun-v1-062s-directory-traversal-security-vulnerabilities/" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/130653/Webshop-Hun-1.062S-Directory-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/130653/Webshop-Hun-1.062S-Directory-Traversal.html"
},
{
"name": "http://tetraph.com/security/directory-traversal-vulnerability/webshop-hun-v1-062s-directory-traversal-security-vulnerabilities/",
"refsource": "MISC",
"url": "http://tetraph.com/security/directory-traversal-vulnerability/webshop-hun-v1-062s-directory-traversal-security-vulnerabilities/"
},
{
"name": "20150305 Webshop hun v1.062S Directory Traversal Security Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Mar/26"
}
]
}
}

180
2015/2xxx/CVE-2015-2597.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-2597", "ID": "CVE-2015-2597",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install."
{ }
"name" : "SUSE-SU-2015:1319", ]
"refsource" : "SUSE", },
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SUSE-SU-2015:1320", "description": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openSUSE-SU-2015:1288", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2015:1289", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
"name" : "75856", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/75856" "name": "1032910",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1032910"
"name" : "1032910", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032910" "name": "openSUSE-SU-2015:1289",
} "refsource": "SUSE",
] "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
} },
} {
"name": "SUSE-SU-2015:1319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
},
{
"name": "SUSE-SU-2015:1320",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
},
{
"name": "openSUSE-SU-2015:1288",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
},
{
"name": "75856",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75856"
}
]
}
}

130
2015/6xxx/CVE-2015-6165.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2015-6165", "ID": "CVE-2015-6165",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"Microsoft Silverlight Information Disclosure Vulnerability,\" a different vulnerability than CVE-2015-6114."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS15-129", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-129" "lang": "eng",
}, "value": "Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"Microsoft Silverlight Information Disclosure Vulnerability,\" a different vulnerability than CVE-2015-6114."
{ }
"name" : "1034321", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1034321" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MS15-129",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-129"
},
{
"name": "1034321",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034321"
}
]
}
}

120
2015/6xxx/CVE-2015-6624.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2015-6624", "ID": "CVE-2015-6624",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23999740."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://source.android.com/security/bulletin/2015-12-01.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://source.android.com/security/bulletin/2015-12-01.html" "lang": "eng",
} "value": "System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23999740."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2015-12-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2015-12-01.html"
}
]
}
}

160
2015/6xxx/CVE-2015-6912.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-6912", "ID": "CVE-2015-6912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/536427/100/0/threaded" "lang": "eng",
}, "value": "Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands via shell metacharacters in the subtitle_codepage parameter to subtitle.cgi."
{ }
"name" : "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2015/Sep/31" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html", ]
"refsource" : "MISC", }
"url" : "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html" ]
}, },
{ "references": {
"name" : "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715" "name": "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html",
} "refsource": "MISC",
] "url": "https://www.securify.nl/advisory/SFY20150810/synology_video_station_command_injection_and_multiple_sql_injection_vulnerabilities.html"
} },
} {
"name": "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715",
"refsource": "CONFIRM",
"url": "https://www.synology.com/en-global/releaseNote/VideoStation?model=DS715"
},
{
"name": "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/536427/100/0/threaded"
},
{
"name": "20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Sep/31"
},
{
"name": "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/133519/Synology-Video-Station-1.5-0757-Command-Injection-SQL-Injection.html"
}
]
}
}

130
2016/0xxx/CVE-2016-0833.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-0833", "ID": "CVE-2016-0833",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Android allows users to cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.linkedin.com/in/jose-maria-ariel-martinez-juarez-7910a189/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.linkedin.com/in/jose-maria-ariel-martinez-juarez-7910a189/" "lang": "eng",
}, "value": "Android allows users to cause a denial of service."
{ }
"name" : "98009", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98009" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.linkedin.com/in/jose-maria-ariel-martinez-juarez-7910a189/",
"refsource": "MISC",
"url": "https://www.linkedin.com/in/jose-maria-ariel-martinez-juarez-7910a189/"
},
{
"name": "98009",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98009"
}
]
}
}

140
2016/0xxx/CVE-2016-0902.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security_alert@emc.com", "ASSIGNER": "security_alert@emc.com",
"ID" : "CVE-2016-0902", "ID": "CVE-2016-0902",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20160504 ESA-2016-051: Patch 14 for RSA Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2016/May/23" "lang": "eng",
}, "value": "CRLF injection vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
{ }
"name" : "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1035755", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1035755" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html"
},
{
"name": "20160504 ESA-2016-051: Patch 14 for RSA Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2016/May/23"
},
{
"name": "1035755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035755"
}
]
}
}

120
2016/0xxx/CVE-2016-0957.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-0957", "ID": "CVE-2016-0957",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html" "lang": "eng",
} "value": "Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html"
}
]
}
}

34
2016/1000xxx/CVE-2016-1000373.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-1000373", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-1000373",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9866. Reason: This candidate is a reservation duplicate of CVE-2016-9866. Notes: All CVE users should reference CVE-2016-9866 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-9866. Reason: This candidate is a reservation duplicate of CVE-2016-9866. Notes: All CVE users should reference CVE-2016-9866 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

130
2016/10xxx/CVE-2016-10108.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10108", "ID": "CVE-2016-10108",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/" "lang": "eng",
}, "value": "Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data."
{ }
"name" : "95200", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/95200" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/",
"refsource": "MISC",
"url": "https://www.stevencampbell.info/2016/12/command-injection-in-western-digital-mycloud-nas/"
},
{
"name": "95200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95200"
}
]
}
}

120
2016/10xxx/CVE-2016-10320.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-10320", "ID": "CVE-2016-10320",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. This may be a remote attack if a web application accepts names of arbitrary uploaded files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://seclists.org/oss-sec/2016/q4/442", "description_data": [
"refsource" : "MISC", {
"url" : "http://seclists.org/oss-sec/2016/q4/442" "lang": "eng",
} "value": "textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. This may be a remote attack if a web application accepts names of arbitrary uploaded files."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/oss-sec/2016/q4/442",
"refsource": "MISC",
"url": "http://seclists.org/oss-sec/2016/q4/442"
}
]
}
}

132
2016/10xxx/CVE-2016-10409.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2016-10409", "ID": "CVE-2016-10409",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Automobile, Snapdragon Mobile", "product_name": "Snapdragon Automobile, Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835" "version_value": "SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "TOCTOU vulnerability in secure write protect system calls"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "TOCTOU vulnerability in secure write protect system calls"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

122
2016/10xxx/CVE-2016-10617.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2018-04-26T00:00:00", "DATE_PUBLIC": "2018-04-26T00:00:00",
"ID" : "CVE-2016-10617", "ID": "CVE-2016-10617",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "box2d-native node module", "product_name": "box2d-native node module",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "HackerOne" "vendor_name": "HackerOne"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "box2d-native downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Encryption of Sensitive Data (CWE-311)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://nodesecurity.io/advisories/219", "description_data": [
"refsource" : "MISC", {
"url" : "https://nodesecurity.io/advisories/219" "lang": "eng",
} "value": "box2d-native downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Encryption of Sensitive Data (CWE-311)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://nodesecurity.io/advisories/219",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/219"
}
]
}
}

160
2016/4xxx/CVE-2016-4284.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2016-4284", "ID": "CVE-2016-4284",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html" "lang": "eng",
}, "value": "Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924."
{ }
"name" : "GLSA-201610-10", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201610-10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2016:1865", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1865.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "92930", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/92930" ]
}, },
{ "references": {
"name" : "1036791", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036791" "name": "GLSA-201610-10",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201610-10"
} },
} {
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-29.html"
},
{
"name": "RHSA-2016:1865",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1865.html"
},
{
"name": "92930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92930"
},
{
"name": "1036791",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036791"
}
]
}
}

150
2016/4xxx/CVE-2016-4330.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2016-4330", "ID": "CVE-2016-4330",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.talosintelligence.com/reports/TALOS-2016-0176/", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.talosintelligence.com/reports/TALOS-2016-0176/" "lang": "eng",
}, "value": "In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution."
{ }
"name" : "DSA-3727", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2016/dsa-3727" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201701-13", "description": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201701-13" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "94414", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/94414" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0176/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0176/"
},
{
"name": "94414",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94414"
},
{
"name": "GLSA-201701-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-13"
},
{
"name": "DSA-3727",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3727"
}
]
}
}

140
2016/4xxx/CVE-2016-4378.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4378", "ID": "CVE-2016-4378",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05241355", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05241355" "lang": "eng",
}, "value": "The (1) Device Manager, (2) Tiered Storage Manager, (3) Replication Manager, (4) Replication Monitor, and (5) Hitachi Automation Director (HAD) components in HPE XP P9000 Command View Advanced Edition Software before 8.4.1-00 and XP7 Command View Advanced Edition Suite before 8.4.1-00 allow remote attackers to obtain sensitive information via unspecified vectors."
{ }
"name" : "92649", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/92649" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1036686", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036686" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05241355",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05241355"
},
{
"name": "1036686",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036686"
},
{
"name": "92649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92649"
}
]
}
}

160
2016/4xxx/CVE-2016-4793.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4793", "ID": "CVE-2016-4793",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "39813", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/39813/" "lang": "eng",
}, "value": "The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header."
{ }
"name" : "http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt", ]
"refsource" : "MISC", },
"url" : "http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.citrix.com/article/CTX236992", ]
"refsource" : "CONFIRM", }
"url" : "https://support.citrix.com/article/CTX236992" ]
}, },
{ "references": {
"name" : "95846", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95846" "name": "https://support.citrix.com/article/CTX236992",
} "refsource": "CONFIRM",
] "url": "https://support.citrix.com/article/CTX236992"
} },
} {
"name": "39813",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39813/"
},
{
"name": "http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt",
"refsource": "MISC",
"url": "http://legalhackers.com/advisories/CakePHP-IP-Spoofing-Vulnerability.txt"
},
{
"name": "95846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95846"
},
{
"name": "https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html",
"refsource": "CONFIRM",
"url": "https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112_325_released.html"
}
]
}
}

34
2016/4xxx/CVE-2016-4983.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-4983", "ID": "CVE-2016-4983",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2016/9xxx/CVE-2016-9060.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2016-9060", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2016-9060",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none."
} }
] ]
} }
} }

130
2016/9xxx/CVE-2016-9450.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9450", "ID": "CVE-2016-9450",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poisoning attacks by leveraging failure to specify a correct cache context."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.drupal.org/SA-CORE-2016-005", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.drupal.org/SA-CORE-2016-005" "lang": "eng",
}, "value": "The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poisoning attacks by leveraging failure to specify a correct cache context."
{ }
"name" : "94367", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/94367" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94367"
},
{
"name": "https://www.drupal.org/SA-CORE-2016-005",
"refsource": "CONFIRM",
"url": "https://www.drupal.org/SA-CORE-2016-005"
}
]
}
}

180
2016/9xxx/CVE-2016-9818.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-9818", "ID": "CVE-2016-9818",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20161129 Xen Security Advisory 201 - ARM guests may induce host asynchronous abort", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/11/29/3" "lang": "eng",
}, "value": "Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP."
{ }
"name" : "[oss-security] 20161204 Re: Xen Security Advisory 201 - ARM guests may induce host asynchronous abort", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2016/12/05/7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://xenbits.xen.org/xsa/advisory-201.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://xenbits.xen.org/xsa/advisory-201.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://xenbits.xen.org/xsa/xsa201-4.patch", ]
"refsource" : "CONFIRM", }
"url" : "http://xenbits.xen.org/xsa/xsa201-4.patch" ]
}, },
{ "references": {
"name" : "GLSA-201612-56", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201612-56" "name": "http://xenbits.xen.org/xsa/xsa201-4.patch",
}, "refsource": "CONFIRM",
{ "url": "http://xenbits.xen.org/xsa/xsa201-4.patch"
"name" : "94581", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/94581" "name": "http://xenbits.xen.org/xsa/advisory-201.html",
}, "refsource": "CONFIRM",
{ "url": "http://xenbits.xen.org/xsa/advisory-201.html"
"name" : "1037358", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037358" "name": "GLSA-201612-56",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201612-56"
} },
} {
"name": "1037358",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037358"
},
{
"name": "[oss-security] 20161129 Xen Security Advisory 201 - ARM guests may induce host asynchronous abort",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/11/29/3"
},
{
"name": "94581",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94581"
},
{
"name": "[oss-security] 20161204 Re: Xen Security Advisory 201 - ARM guests may induce host asynchronous abort",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/05/7"
}
]
}
}

132
2019/2xxx/CVE-2019-2441.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2441", "ID": "CVE-2019-2441",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "WebLogic Server", "product_name": "WebLogic Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "12.2.1.3" "version_value": "12.2.1.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
{ }
"name" : "106593", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/106593" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106593"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}
]
}
}

130
2019/2xxx/CVE-2019-2544.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2019-2544", "ID": "CVE-2019-2544",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Solaris Operating System", "product_name": "Solaris Operating System",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "10" "version_value": "10"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11" "version_value": "11"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" "lang": "eng",
} "value": "Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
}
]
}
}

34
2019/2xxx/CVE-2019-2757.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2757", "ID": "CVE-2019-2757",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/2xxx/CVE-2019-2827.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-2827", "ID": "CVE-2019-2827",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3404.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3404", "ID": "CVE-2019-3404",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3504.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3504", "ID": "CVE-2019-3504",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3863.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3863", "ID": "CVE-2019-3863",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/3xxx/CVE-2019-3980.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-3980", "ID": "CVE-2019-3980",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6347.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6347", "ID": "CVE-2019-6347",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6715.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6715", "ID": "CVE-2019-6715",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6945.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6945", "ID": "CVE-2019-6945",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/6xxx/CVE-2019-6989.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-6989", "ID": "CVE-2019-6989",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7037.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7037", "ID": "CVE-2019-7037",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/7xxx/CVE-2019-7268.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7268", "ID": "CVE-2019-7268",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2019/7xxx/CVE-2019-7637.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7637", "ID": "CVE-2019-7637",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20190313 [SECURITY] [DLA 1713-1] libsdl1.2 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html" "lang": "eng",
}, "value": "SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c."
{ }
"name" : "[debian-lts-announce] 20190313 [SECURITY] [DLA 1714-1] libsdl2 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.libsdl.org/show_bug.cgi?id=4497", "description": [
"refsource" : "MISC", {
"url" : "https://bugzilla.libsdl.org/show_bug.cgi?id=4497" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720", ]
"refsource" : "MISC", }
"url" : "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720" ]
} },
] "references": {
} "reference_data": [
} {
"name": "[debian-lts-announce] 20190313 [SECURITY] [DLA 1714-1] libsdl2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00016.html"
},
{
"name": "[debian-lts-announce] 20190313 [SECURITY] [DLA 1713-1] libsdl1.2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00015.html"
},
{
"name": "https://bugzilla.libsdl.org/show_bug.cgi?id=4497",
"refsource": "MISC",
"url": "https://bugzilla.libsdl.org/show_bug.cgi?id=4497"
},
{
"name": "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720",
"refsource": "MISC",
"url": "https://discourse.libsdl.org/t/vulnerabilities-found-in-libsdl-1-2-15/25720"
}
]
}
}

34
2019/7xxx/CVE-2019-7775.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-7775", "ID": "CVE-2019-7775",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2019/8xxx/CVE-2019-8331.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8331", "ID": "CVE-2019-8331",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Bootstrap before 4.3.1, XSS is possible in the tooltip or popover data-template attribute."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/twbs/bootstrap/pull/28236", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/twbs/bootstrap/pull/28236" "lang": "eng",
}, "value": "In Bootstrap before 4.3.1, XSS is possible in the tooltip or popover data-template attribute."
{ }
"name" : "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", ]
"refsource" : "MISC", },
"url" : "https://github.com/twbs/bootstrap/releases/tag/v4.3.1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "107375", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/107375" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "107375",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107375"
},
{
"name": "https://github.com/twbs/bootstrap/pull/28236",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/pull/28236"
},
{
"name": "https://github.com/twbs/bootstrap/releases/tag/v4.3.1",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/releases/tag/v4.3.1"
}
]
}
}

34
2019/8xxx/CVE-2019-8522.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8522", "ID": "CVE-2019-8522",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8816.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8816", "ID": "CVE-2019-8816",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/8xxx/CVE-2019-8896.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-8896", "ID": "CVE-2019-8896",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/9xxx/CVE-2019-9014.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-9014", "ID": "CVE-2019-9014",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }