admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:11:21 +00:00
parent cf5e4a4cfd
commit 9e896f1f92
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
68 changed files with 4531 additions and 4531 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
1999/0xxx/CVE-1999-0068.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0068", "ID": "CVE-1999-0068",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CGI PHP mylog script allows an attacker to read any file on the target server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "713", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/713" "lang": "eng",
}, "value": "CGI PHP mylog script allows an attacker to read any file on the target server."
{ }
"name" : "3396", ]
"refsource" : "OSVDB", },
"url" : "http://www.osvdb.org/3396" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "713",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/713"
},
{
"name": "3396",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3396"
}
]
}
}

160
1999/0xxx/CVE-1999-0380.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-0380", "ID": "CVE-1999-0380",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "199902225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=91999015212415&w=2" "lang": "eng",
}, "value": "SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, then running finger on the user."
{ }
"name" : "19990225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=91996412724720&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SLmail 3.2 Build 3113 (Web Administration Security Fix)", "description": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://marc.info/?l=ntbugtraq&m=92110501504997&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "497", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/497" ]
}, },
{ "references": {
"name" : "slmail-ras-ntfs-bypass(5392)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5392" "name": "199902225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service",
} "refsource": "NTBUGTRAQ",
] "url": "http://marc.info/?l=ntbugtraq&m=91999015212415&w=2"
} },
} {
"name": "497",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/497"
},
{
"name": "SLmail 3.2 Build 3113 (Web Administration Security Fix)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=92110501504997&w=2"
},
{
"name": "19990225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=91996412724720&w=2"
},
{
"name": "slmail-ras-ntfs-bypass(5392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5392"
}
]
}
}

120
1999/1xxx/CVE-1999-1039.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1039", "ID": "CVE-1999-1039",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19980502-01-P3030", "description_data": [
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/19980502-01-P3030" "lang": "eng",
} "value": "Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19980502-01-P3030",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/19980502-01-P3030"
}
]
}
}

150
1999/1xxx/CVE-1999-1132.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1132", "ID": "CVE-1999-1132",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19981005 NMRC Advisory - Lame NT Token Ring DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=90763508011966&w=2" "lang": "eng",
}, "value": "Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs."
{ }
"name" : "19981002 NMRC Advisory - Lame NT Token Ring DoS", ]
"refsource" : "NTBUGTRAQ", },
"url" : "http://marc.info/?l=ntbugtraq&m=90760603030452&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "Q179157", "description": [
"refsource" : "MSKB", {
"url" : "http://support.microsoft.com/support/kb/articles/Q179/1/57.asp" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "token-ring-dos(1399)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/1399.php" ]
} },
] "references": {
} "reference_data": [
} {
"name": "19981005 NMRC Advisory - Lame NT Token Ring DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=90763508011966&w=2"
},
{
"name": "19981002 NMRC Advisory - Lame NT Token Ring DoS",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=90760603030452&w=2"
},
{
"name": "token-ring-dos(1399)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/1399.php"
},
{
"name": "Q179157",
"refsource": "MSKB",
"url": "http://support.microsoft.com/support/kb/articles/Q179/1/57.asp"
}
]
}
}

130
1999/1xxx/CVE-1999-1212.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1212", "ID": "CVE-1999-1212",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CA-1991-02", "description_data": [
"refsource" : "CERT", {
"url" : "http://www.cert.org/advisories/CA-1991-02.html" "lang": "eng",
}, "value": "Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges."
{ }
"name" : "sun-intelnetd(574)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/574" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sun-intelnetd(574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/574"
},
{
"name": "CA-1991-02",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1991-02.html"
}
]
}
}

130
1999/1xxx/CVE-1999-1251.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1251", "ID": "CVE-1999-1251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBUX9612-043", "description_data": [
"refsource" : "HP", {
"url" : "http://packetstormsecurity.org/advisories/hpalert/043" "lang": "eng",
}, "value": "Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service."
{ }
"name" : "hp-audio-panic(2010)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2010" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "hp-audio-panic(2010)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2010"
},
{
"name": "HPSBUX9612-043",
"refsource": "HP",
"url": "http://packetstormsecurity.org/advisories/hpalert/043"
}
]
}
}

130
1999/1xxx/CVE-1999-1307.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-1999-1307", "ID": "CVE-1999-1307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "19941209 Novell security advisory on sadc, urestore and the suid_exec feature", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.dataguard.no/bugtraq/1994_4/0676.html" "lang": "eng",
}, "value": "Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges."
{ }
"name" : "F-06", ]
"refsource" : "CIAC", },
"url" : "http://ciac.llnl.gov/ciac/bulletins/f-06.shtml" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "F-06",
"refsource": "CIAC",
"url": "http://ciac.llnl.gov/ciac/bulletins/f-06.shtml"
},
{
"name": "19941209 Novell security advisory on sadc, urestore and the suid_exec feature",
"refsource": "BUGTRAQ",
"url": "http://www.dataguard.no/bugtraq/1994_4/0676.html"
}
]
}
}

120
2000/0xxx/CVE-2000-0079.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0079", "ID": "CVE-2000-0079",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "936", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/936" "lang": "eng",
} "value": "The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/936"
}
]
}
}

130
2000/0xxx/CVE-2000-0263.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0263", "ID": "CVE-2000-0263",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000416 xfs", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html" "lang": "eng",
}, "value": "The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request."
{ }
"name" : "1111", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1111" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1111"
},
{
"name": "20000416 xfs",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0079.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0321.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0321", "ID": "CVE-2000-0321",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000424 Buffer Overflow in version .14", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-04/0190.html" "lang": "eng",
}, "value": "Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name."
{ }
"name" : "1147", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1147" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000424 Buffer Overflow in version .14",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0190.html"
},
{
"name": "1147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1147"
}
]
}
}

140
2000/0xxx/CVE-2000-0394.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0394", "ID": "CVE-2000-0394",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000519 RFP2K05: NetProwler vs. RFProwler", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=95878603510835&w=2" "lang": "eng",
}, "value": "NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature."
{ }
"name" : "20000522 RFP2K05 - NetProwler \"Fragmentation\" Issue", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=392AD3B3.3E9BE3EA@axent.com" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1225", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1225" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20000522 RFP2K05 - NetProwler \"Fragmentation\" Issue",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=392AD3B3.3E9BE3EA@axent.com"
},
{
"name": "1225",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1225"
},
{
"name": "20000519 RFP2K05: NetProwler vs. RFProwler",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=95878603510835&w=2"
}
]
}
}

140
2000/0xxx/CVE-2000-0504.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0504", "ID": "CVE-2000-0504",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000619 XFree86: libICE DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0170.html" "lang": "eng",
}, "value": "libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro."
{ }
"name" : "http://www.xfree86.org/security/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.xfree86.org/security/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1369", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1369" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.xfree86.org/security/",
"refsource": "CONFIRM",
"url": "http://www.xfree86.org/security/"
},
{
"name": "1369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1369"
},
{
"name": "20000619 XFree86: libICE DoS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0170.html"
}
]
}
}

130
2000/0xxx/CVE-2000-0646.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0646", "ID": "CVE-2000-0646",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000721 WFTPD/WFTPD Pro 2.41 RC11 vulnerabilities.", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.html" "lang": "eng",
}, "value": "WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred."
{ }
"name" : "1506", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/1506" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000721 WFTPD/WFTPD Pro 2.41 RC11 vulnerabilities.",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0295.html"
},
{
"name": "1506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1506"
}
]
}
}

140
2000/0xxx/CVE-2000-0775.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0775", "ID": "CVE-2000-0775",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000828 [NT] Viking security vulnerabilities enable remote code execution (long URL, date parsing)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=399a01c01122$0d7f2310$0201a8c0@aviram" "lang": "eng",
}, "value": "Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers."
{ }
"name" : "http://www.robtex.com/viking/bugs.htm", ]
"refsource" : "CONFIRM", },
"url" : "http://www.robtex.com/viking/bugs.htm" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1614", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/1614" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1614"
},
{
"name": "http://www.robtex.com/viking/bugs.htm",
"refsource": "CONFIRM",
"url": "http://www.robtex.com/viking/bugs.htm"
},
{
"name": "20000828 [NT] Viking security vulnerabilities enable remote code execution (long URL, date parsing)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=399a01c01122$0d7f2310$0201a8c0@aviram"
}
]
}
}

150
2000/0xxx/CVE-2000-0786.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-0786", "ID": "CVE-2000-0786",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000726 userv security boundary tool 1.0.1 (SECURITY FIX)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html" "lang": "eng",
}, "value": "GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions."
{ }
"name" : "20000727 userv: local exploit", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2000/20000727" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://marc.info/?l=bugtraq&m=96473640717095&w=2", "description": [
"refsource" : "CONFIRM", {
"url" : "http://marc.info/?l=bugtraq&m=96473640717095&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1516", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/1516" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20000726 userv security boundary tool 1.0.1 (SECURITY FIX)",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0389.html"
},
{
"name": "1516",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1516"
},
{
"name": "http://marc.info/?l=bugtraq&m=96473640717095&w=2",
"refsource": "CONFIRM",
"url": "http://marc.info/?l=bugtraq&m=96473640717095&w=2"
},
{
"name": "20000727 userv: local exploit",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20000727"
}
]
}
}

120
2000/1xxx/CVE-2000-1201.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2000-1201", "ID": "CVE-2000-1201",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20000707 Re: CheckPoint FW1 BUG", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html" "lang": "eng",
} "value": "Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000707 Re: CheckPoint FW1 BUG",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0085.html"
}
]
}
}

330
2005/2xxx/CVE-2005-2335.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2335", "ID": "CVE-2005-2335",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. This is the correct identifier."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060526 rPSA-2006-0084-1 fetchmail", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/435197/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifier for the Fetchmail issue. This is the correct identifier."
{ }
"name" : "20060801 DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/441856/100/200/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt", "description": [
"refsource" : "CONFIRM", {
"url" : "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://developer.berlios.de/project/shownotes.php?release_id=6617", ]
"refsource" : "CONFIRM", }
"url" : "http://developer.berlios.de/project/shownotes.php?release_id=6617" ]
}, },
{ "references": {
"name" : "APPLE-SA-2006-08-01", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" "name": "APPLE-SA-2006-08-01",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html"
"name" : "DSA-774", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2005/dsa-774" "name": "14349",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/14349"
"name" : "FEDORA-2005-613", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00088.html" "name": "SUSE-SR:2005:018",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2005_18_sr.html"
"name" : "FEDORA-2005-614", },
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00089.html" "name": "ADV-2006-3101",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3101"
"name" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html", },
"refsource" : "MISC", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html" "name": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html",
}, "refsource": "MISC",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html"
"name" : "RHSA-2005:640", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2005-640.html" "name": "ADV-2005-1171",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2005/1171"
"name" : "SUSE-SR:2005:018", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2005_18_sr.html" "name": "21253",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21253"
"name" : "TA06-214A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" "name": "19289",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/19289"
"name" : "14349", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/14349" "name": "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt",
}, "refsource": "CONFIRM",
{ "url": "http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt"
"name" : "19289", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/19289" "name": "18174",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/18174"
"name" : "oval:org.mitre.oval:def:8833", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8833" "name": "TA06-214A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA06-214A.html"
"name" : "ADV-2005-1171", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/1171" "name": "oval:org.mitre.oval:def:1124",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1124"
"name" : "ADV-2006-3101", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3101" "name": "FEDORA-2005-613",
}, "refsource": "FEDORA",
{ "url": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00088.html"
"name" : "18174", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/18174" "name": "oval:org.mitre.oval:def:1038",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1038"
"name" : "oval:org.mitre.oval:def:1038", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1038" "name": "http://developer.berlios.de/project/shownotes.php?release_id=6617",
}, "refsource": "CONFIRM",
{ "url": "http://developer.berlios.de/project/shownotes.php?release_id=6617"
"name" : "oval:org.mitre.oval:def:1124", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1124" "name": "20060801 DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow'",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/441856/100/200/threaded"
"name" : "16176", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16176" "name": "oval:org.mitre.oval:def:8833",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8833"
"name" : "21253", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21253" "name": "DSA-774",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2005/dsa-774"
} },
} {
"name": "RHSA-2005:640",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-640.html"
},
{
"name": "FEDORA-2005-614",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00089.html"
},
{
"name": "20060526 rPSA-2006-0084-1 fetchmail",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435197/100/0/threaded"
},
{
"name": "16176",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/16176"
}
]
}
}

190
2005/2xxx/CVE-2005-2954.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2954", "ID": "CVE-2005-2954",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands via the email field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20050914 ATutor 1.5.1 SQL Injection / Admin credentials disclosure / Information disclosure / User impersonation / Remote code execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=112671176100432&w=2" "lang": "eng",
}, "value": "SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands via the email field."
{ }
"name" : "http://rgod.altervista.org/atutor151.html", ]
"refsource" : "MISC", },
"url" : "http://rgod.altervista.org/atutor151.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.atutor.ca/news.php#150905", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.atutor.ca/news.php#150905" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "14831", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/14831" ]
}, },
{ "references": {
"name" : "ADV-2005-1751", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/1751" "name": "14831",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/14831"
"name" : "19411", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/19411" "name": "16813",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/16813/"
"name" : "16813", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/16813/" "name": "19411",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/19411"
"name" : "atutor-passwordreminder-sql-injection(22282)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22282" "name": "20050914 ATutor 1.5.1 SQL Injection / Admin credentials disclosure / Information disclosure / User impersonation / Remote code execution",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=112671176100432&w=2"
} },
} {
"name": "ADV-2005-1751",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1751"
},
{
"name": "http://rgod.altervista.org/atutor151.html",
"refsource": "MISC",
"url": "http://rgod.altervista.org/atutor151.html"
},
{
"name": "http://www.atutor.ca/news.php#150905",
"refsource": "CONFIRM",
"url": "http://www.atutor.ca/news.php#150905"
},
{
"name": "atutor-passwordreminder-sql-injection(22282)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22282"
}
]
}
}

120
2005/2xxx/CVE-2005-2998.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-2998", "ID": "CVE-2005-2998",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://rgod.altervista.org/phpatm130.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://rgod.altervista.org/phpatm130.html" "lang": "eng",
} "value": "PHP Advanced Transfer Manager 1.30 has a default password for the administrator user, which allows remote attackers to upload and execute arbitrary PHP files."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rgod.altervista.org/phpatm130.html",
"refsource": "MISC",
"url": "http://rgod.altervista.org/phpatm130.html"
}
]
}
}

160
2005/3xxx/CVE-2005-3744.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-3744", "ID": "CVE-2005-3744",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code suggests that there is no id parameter being handled directly by index.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html" "lang": "eng",
}, "value": "SQL injection vulnerability in index.php in phpComasy 0.7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: an examination of the 0.7.5 source code suggests that there is no id parameter being handled directly by index.php."
{ }
"name" : "15511", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/15511" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2005-2507", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2005/2507" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20984", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/20984" ]
}, },
{ "references": {
"name" : "17660", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/17660" "name": "15511",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/15511"
} },
} {
"name": "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html",
"refsource": "MISC",
"url": "http://pridels0.blogspot.com/2005/11/phpcomasy-id-sql-injection.html"
},
{
"name": "ADV-2005-2507",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2507"
},
{
"name": "20984",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20984"
},
{
"name": "17660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17660"
}
]
}
}

330
2007/5xxx/CVE-2007-5405.json
View File

@ -1,167 +1,167 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2007-5405", "ID": "CVE-2007-5405",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490837/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
{ }
"name" : "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/490825/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/490838/100/0/threaded" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities", ]
"refsource" : "BUGTRAQ", }
"url" : "http://www.securityfocus.com/archive/1/490839/100/0/threaded" ]
}, },
{ "references": {
"name" : "http://secunia.com/secunia_research/2007-95/advisory/", "reference_data": [
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-95/advisory/" "name": "28140",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28140"
"name" : "http://secunia.com/secunia_research/2007-96/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-96/advisory/" "name": "29342",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/29342"
"name" : "http://secunia.com/secunia_research/2007-97/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-97/advisory/" "name": "http://secunia.com/secunia_research/2007-97/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2007-97/advisory/"
"name" : "http://secunia.com/secunia_research/2007-98/advisory/", },
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2007-98/advisory/" "name": "27763",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27763"
"name" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453", },
"refsource" : "CONFIRM", {
"url" : "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453" "name": "autonomy-keyview-applix-multiple-bo(41721)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
"name" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html", },
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html" "name": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
"name" : "28454", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/28454" "name": "28209",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28209"
"name" : "ADV-2008-1153", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1153" "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
"name" : "ADV-2008-1154", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1154" "name": "http://secunia.com/secunia_research/2007-96/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2007-96/advisory/"
"name" : "ADV-2008-1156", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1156" "name": "ADV-2008-1156",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1156"
"name" : "1019805", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1019805" "name": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453",
}, "refsource": "CONFIRM",
{ "url": "http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453"
"name" : "1019844", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1019844" "name": "28454",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/28454"
"name" : "27763", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27763" "name": "http://secunia.com/secunia_research/2007-95/advisory/",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2007-95/advisory/"
"name" : "28140", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28140" "name": "28210",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/28210"
"name" : "28209", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28209" "name": "1019844",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1019844"
"name" : "28210", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28210" "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
"name" : "29342", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/29342" "name": "ADV-2008-1154",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/1154"
"name" : "autonomy-keyview-applix-multiple-bo(41721)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721" "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
} "refsource": "BUGTRAQ",
] "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
} },
} {
"name": "http://secunia.com/secunia_research/2007-98/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-98/advisory/"
},
{
"name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
},
{
"name": "1019805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019805"
},
{
"name": "ADV-2008-1153",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1153"
}
]
}
}

200
2007/5xxx/CVE-2007-5509.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-5509", "ID": "CVE-2007-5509",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06."
{ }
"name" : "HPSBMA02133", ]
"refsource" : "HP", },
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT061201", "description": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "TA07-290A", ]
"refsource" : "CERT", }
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" ]
}, },
{ "references": {
"name" : "ADV-2007-3524", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3524" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html"
"name" : "ADV-2007-3626", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/3626" "name": "ADV-2007-3524",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3524"
"name" : "1018823", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1018823" "name": "ADV-2007-3626",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/3626"
"name" : "27251", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27251" "name": "TA07-290A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html"
"name" : "27409", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27409" "name": "SSRT061201",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
} },
} {
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2"
},
{
"name": "1018823",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018823"
},
{
"name": "27409",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27409"
},
{
"name": "27251",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27251"
}
]
}
}

140
2009/2xxx/CVE-2009-2037.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2037", "ID": "CVE-2009-2037",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] parameter to index.php and the (2) skin parameter to admin/admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8853", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8853" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in Online Grades & Attendance 3.2.5 and earlier, and possibly 3.2.6, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) GLOBALS[SKIN] parameter to index.php and the (2) skin parameter to admin/admin.php."
{ }
"name" : "onlinegrades-admin-file-include(50902)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50902" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "onlinegrades-globalsskin-file-include(50901)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50901" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "onlinegrades-globalsskin-file-include(50901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50901"
},
{
"name": "8853",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8853"
},
{
"name": "onlinegrades-admin-file-include(50902)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50902"
}
]
}
}

200
2009/2xxx/CVE-2009-2071.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2071", "ID": "CVE-2009-2071",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=7338", "description_data": [
"refsource" : "MISC", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=7338" "lang": "eng",
}, "value": "Google Chrome before 1.0.154.53 displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site during one request, and then sending the browser a crafted 502 response page upon a subsequent request."
{ }
"name" : "http://code.google.com/p/chromium/issues/detail?id=8473", ]
"refsource" : "MISC", },
"url" : "http://code.google.com/p/chromium/issues/detail?id=8473" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://research.microsoft.com/apps/pubs/default.aspx?id=79323", "description": [
"refsource" : "MISC", {
"url" : "http://research.microsoft.com/apps/pubs/default.aspx?id=79323" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf", ]
"refsource" : "MISC", }
"url" : "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=479880", "reference_data": [
"refsource" : "MISC", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=479880" "name": "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669",
}, "refsource": "CONFIRM",
{ "url": "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669"
"name" : "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453", },
"refsource" : "CONFIRM", {
"url" : "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453" "name": "http://code.google.com/p/chromium/issues/detail?id=7338",
}, "refsource": "MISC",
{ "url": "http://code.google.com/p/chromium/issues/detail?id=7338"
"name" : "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669", },
"refsource" : "CONFIRM", {
"url" : "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669" "name": "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf",
}, "refsource": "MISC",
{ "url": "http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf"
"name" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669", },
"refsource" : "CONFIRM", {
"url" : "http://src.chromium.org/viewvc/chrome?view=rev&revision=11669" "name": "35411",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/35411"
"name" : "35411", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/35411" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=479880",
} "refsource": "MISC",
] "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=479880"
} },
} {
"name": "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453",
"refsource": "CONFIRM",
"url": "http://sites.google.com/a/chromium.org/dev/getting-involved/dev-channel/release-notes/releasenotes1015453"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=8473",
"refsource": "MISC",
"url": "http://code.google.com/p/chromium/issues/detail?id=8473"
},
{
"name": "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669",
"refsource": "CONFIRM",
"url": "http://src.chromium.org/viewvc/chrome/branches/release_154.next/src/net/http/http_transaction_winhttp.cc?r1=11621&r2=11669&pathrev=11669"
},
{
"name": "http://research.microsoft.com/apps/pubs/default.aspx?id=79323",
"refsource": "MISC",
"url": "http://research.microsoft.com/apps/pubs/default.aspx?id=79323"
}
]
}
}

170
2009/2xxx/CVE-2009-2457.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2457", "ID": "CVE-2009-2457",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.novell.com/support/viewContent.do?externalId=3426981", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.novell.com/support/viewContent.do?externalId=3426981" "lang": "eng",
}, "value": "The DS\\NDSD component in Novell eDirectory 8.8 before SP5 allows remote attackers to cause a denial of service (crash) via a malformed bind LDAP packet."
{ }
"name" : "35666", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/35666" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "55849", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/55849" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "34160", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/34160" ]
}, },
{ "references": {
"name" : "ADV-2009-1883", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/1883" "name": "55849",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/55849"
"name" : "edirectory-ldap-dos(51706)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706" "name": "34160",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/34160"
} },
} {
"name": "http://www.novell.com/support/viewContent.do?externalId=3426981",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=3426981"
},
{
"name": "edirectory-ldap-dos(51706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51706"
},
{
"name": "35666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35666"
},
{
"name": "ADV-2009-1883",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1883"
}
]
}
}

140
2009/2xxx/CVE-2009-2597.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2597", "ID": "CVE-2009-2597",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1" "lang": "eng",
}, "value": "The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request."
{ }
"name" : "258508", ]
"refsource" : "SUNALERT", },
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-258508-1" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "35979", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/35979" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141248-01-1"
},
{
"name": "258508",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-258508-1"
},
{
"name": "35979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35979"
}
]
}
}

140
2009/2xxx/CVE-2009-2750.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2750", "ID": "CVE-2009-2750",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access via a property query."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24025456", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24025456" "lang": "eng",
}, "value": "IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 before FP2 does not have the intended configuration properties, which allows remote authenticated users to obtain unspecified data access via a property query."
{ }
"name" : "IZ66279", ]
"refsource" : "AIXAPAR", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ66279" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "websphere-wsrr-property-security-bypass(55744)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55744" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24025456",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025456"
},
{
"name": "websphere-wsrr-property-security-bypass(55744)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55744"
},
{
"name": "IZ66279",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ66279"
}
]
}
}

150
2009/2xxx/CVE-2009-2833.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-2833", "ID": "CVE-2009-2833",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT3937", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT3937" "lang": "eng",
}, "value": "Buffer overflow in the UCCompareTextDefault API in International Components for Unicode in Apple Mac OS X 10.5.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors."
{ }
"name" : "APPLE-SA-2009-11-09-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "36956", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/36956" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ADV-2009-3184", ]
"refsource" : "VUPEN", }
"url" : "http://www.vupen.com/english/advisories/2009/3184" ]
} },
] "references": {
} "reference_data": [
} {
"name": "36956",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36956"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
}
]
}
}

150
2009/3xxx/CVE-2009-3963.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-3963", "ID": "CVE-2009-3963",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have unknown impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.xoops.org/modules/news/article.php?storyid=5064", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.xoops.org/modules/news/article.php?storyid=5064" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in XOOPS before 2.4.0 Final have unknown impact and attack vectors."
{ }
"name" : "36955", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/36955" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-3174", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/3174" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "xoops-multiple-unspecified(54181)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54181" ]
} },
] "references": {
} "reference_data": [
} {
"name": "xoops-multiple-unspecified(54181)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54181"
},
{
"name": "36955",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36955"
},
{
"name": "ADV-2009-3174",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3174"
},
{
"name": "http://www.xoops.org/modules/news/article.php?storyid=5064",
"refsource": "CONFIRM",
"url": "http://www.xoops.org/modules/news/article.php?storyid=5064"
}
]
}
}

190
2015/0xxx/CVE-2015-0356.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2015-0356", "ID": "CVE-2015-0356",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html" "lang": "eng",
}, "value": "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\""
{ }
"name" : "GLSA-201504-07", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201504-07" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2015:0813", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0813.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2015:0722", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2015:0723", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html" "name": "openSUSE-SU-2015:0718",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html"
"name" : "openSUSE-SU-2015:0718", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html" "name": "SUSE-SU-2015:0722",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html"
"name" : "openSUSE-SU-2015:0725", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" "name": "GLSA-201504-07",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201504-07"
"name" : "1032105", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032105" "name": "1032105",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1032105"
} },
} {
"name": "RHSA-2015:0813",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0813.html"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html"
},
{
"name": "openSUSE-SU-2015:0725",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html"
},
{
"name": "SUSE-SU-2015:0723",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html"
}
]
}
}

142
2015/0xxx/CVE-2015-0574.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-0574", "ID": "CVE-2015-0574",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20" "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Access Control in UIM"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-07-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-07-01" "lang": "eng",
}, "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient."
{ }
"name" : "https://source.android.com/security/bulletin/2018-04-01", ]
"refsource" : "CONFIRM", },
"url" : "https://source.android.com/security/bulletin/2018-04-01" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "103671", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/103671" "lang": "eng",
} "value": "Improper Access Control in UIM"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

140
2015/0xxx/CVE-2015-0632.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2015-0632", "ID": "CVE-2015-0632",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150226 Vulnerability in IPv6 Neighbor Discovery in Cisco IOS and IOS-XE Software", "description_data": [
"refsource" : "CISCO", {
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0632" "lang": "eng",
}, "value": "Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the local network, aka Bug ID CSCuo67770."
{ }
"name" : "72797", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/72797" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1031816", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1031816" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "72797",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72797"
},
{
"name": "1031816",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031816"
},
{
"name": "20150226 Vulnerability in IPv6 Neighbor Discovery in Cisco IOS and IOS-XE Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0632"
}
]
}
}

120
2015/0xxx/CVE-2015-0994.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2015-0994", "ID": "CVE-2015-0994",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01", "description_data": [
"refsource" : "MISC", {
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01" "lang": "eng",
} "value": "Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-090-01"
}
]
}
}

220
2015/3xxx/CVE-2015-3294.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3294", "ID": "CVE-2015-3294",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150423 Dnsmasq 2.72 Unchecked returned value", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/535354/100/1100/threaded" "lang": "eng",
}, "value": "The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request."
{ }
"name" : "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability", ]
"refsource" : "MLIST", },
"url" : "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8", ]
"refsource" : "CONFIRM", }
"url" : "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8" ]
}, },
{ "references": {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" "name": "DSA-3251",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3251"
"name" : "DSA-3251", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3251" "name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
}, "refsource": "MLIST",
{ "url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009382.html"
"name" : "GLSA-201512-01", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201512-01" "name": "openSUSE-SU-2015:0857",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html"
"name" : "openSUSE-SU-2015:0857", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00013.html" "name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8",
}, "refsource": "CONFIRM",
{ "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=ad4a8ff7d9097008d7623df8543df435bfddeac8"
"name" : "USN-2593-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2593-1" "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
"name" : "74452", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74452" "name": "USN-2593-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2593-1"
"name" : "1032195", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1032195" "name": "GLSA-201512-01",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201512-01"
} },
} {
"name": "[Dnsmasq-discuss] 20150407 dnsmsaq potential vulnerability",
"refsource": "MLIST",
"url": "http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2015q2/009387.html"
},
{
"name": "1032195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032195"
},
{
"name": "74452",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74452"
},
{
"name": "20150423 Dnsmasq 2.72 Unchecked returned value",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535354/100/1100/threaded"
}
]
}
}

140
2015/3xxx/CVE-2015-3397.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-3397", "ID": "CVE-2015-3397",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON, arrays, and Internet Explorer 6 or 7."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Yii Framework before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON, arrays, and Internet Explorer 6 or 7."
{ }
"name" : "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "74663", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74663" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "74663",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74663"
},
{
"name": "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/",
"refsource": "CONFIRM",
"url": "http://www.yiiframework.com/news/86/yii-2-0-4-is-released/"
},
{
"name": "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md",
"refsource": "CONFIRM",
"url": "https://github.com/yiisoft/yii2/blob/2.0.4/framework/CHANGELOG.md"
}
]
}
}

120
2015/4xxx/CVE-2015-4465.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-4465", "ID": "CVE-2015-4465",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://wordpress.org/plugins/zm-ajax-login-register/changelog/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://wordpress.org/plugins/zm-ajax-login-register/changelog/" "lang": "eng",
} "value": "Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wordpress.org/plugins/zm-ajax-login-register/changelog/",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/zm-ajax-login-register/changelog/"
}
]
}
}

460
2015/4xxx/CVE-2015-4843.json
View File

@ -1,232 +1,232 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2015-4843", "ID": "CVE-2015-4843",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3381", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2015/dsa-3381" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201603-11", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201603-11" ]
}, },
{ "references": {
"name" : "GLSA-201603-14", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201603-14" "name": "SUSE-SU-2015:2182",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html"
"name" : "RHSA-2016:1430", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2016:1430" "name": "USN-2784-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2784-1"
"name" : "RHSA-2015:2506", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2506.html" "name": "openSUSE-SU-2015:1905",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"
"name" : "RHSA-2015:2507", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2507.html" "name": "SUSE-SU-2015:2192",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
"name" : "RHSA-2015:2508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2508.html" "name": "openSUSE-SU-2015:1906",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html"
"name" : "RHSA-2015:2509", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2509.html" "name": "RHSA-2015:2507",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html"
"name" : "RHSA-2015:2518", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-2518.html" "name": "RHSA-2015:1928",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html"
"name" : "RHSA-2015:1919", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1919.html" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
"name" : "RHSA-2015:1920", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1920.html" "name": "RHSA-2016:1430",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2016:1430"
"name" : "RHSA-2015:1921", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1921.html" "name": "RHSA-2015:2506",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html"
"name" : "RHSA-2015:1926", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1926.html" "name": "RHSA-2015:2509",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html"
"name" : "RHSA-2015:1927", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1927.html" "name": "1033884",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1033884"
"name" : "RHSA-2015:1928", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1928.html" "name": "SUSE-SU-2015:2166",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
"name" : "SUSE-SU-2016:0113", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
"name" : "openSUSE-SU-2016:0270", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" "name": "openSUSE-SU-2016:0270",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"
"name" : "SUSE-SU-2015:2166", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" "name": "RHSA-2015:1919",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html"
"name" : "SUSE-SU-2015:2168", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" "name": "GLSA-201603-11",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-11"
"name" : "SUSE-SU-2015:2182", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" "name": "openSUSE-SU-2015:1902",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html"
"name" : "SUSE-SU-2015:2192", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" "name": "RHSA-2015:1920",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html"
"name" : "SUSE-SU-2015:2216", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" "name": "RHSA-2015:2518",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html"
"name" : "SUSE-SU-2015:2268", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" "name": "GLSA-201603-14",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201603-14"
"name" : "SUSE-SU-2015:1874", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" "name": "SUSE-SU-2015:2216",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html"
"name" : "SUSE-SU-2015:1875", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" "name": "RHSA-2015:1927",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html"
"name" : "openSUSE-SU-2015:1902", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" "name": "openSUSE-SU-2015:1971",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html"
"name" : "openSUSE-SU-2015:1905", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" "name": "SUSE-SU-2015:2268",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html"
"name" : "openSUSE-SU-2015:1906", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" "name": "SUSE-SU-2015:2168",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html"
"name" : "openSUSE-SU-2015:1971", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" "name": "RHSA-2015:1921",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html"
"name" : "USN-2827-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2827-1" "name": "SUSE-SU-2015:1874",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html"
"name" : "USN-2784-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2784-1" "name": "DSA-3381",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2015/dsa-3381"
"name" : "77160", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/77160" "name": "RHSA-2015:1926",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html"
"name" : "1033884", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1033884" "name": "77160",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/77160"
} },
} {
"name": "SUSE-SU-2015:1875",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html"
},
{
"name": "RHSA-2015:2508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html"
},
{
"name": "SUSE-SU-2016:0113",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
},
{
"name": "USN-2827-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2827-1"
}
]
}
}

120
2015/8xxx/CVE-2015-8089.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8089", "ID": "CVE-2015-8089",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm" "lang": "eng",
} "value": "The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm",
"refsource": "CONFIRM",
"url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-460276.htm"
}
]
}
}

34
2015/8xxx/CVE-2015-8291.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2015-8291", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2015-8291",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
} }
] ]
} }
} }

140
2015/8xxx/CVE-2015-8368.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8368", "ID": "CVE-2015-8368",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "38836", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/38836/" "lang": "eng",
}, "value": "ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua."
{ }
"name" : "20151209 ntop-ng <= 2.0.151021 - Privilege Escalation", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2015/Dec/10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/134593/ntop-ng-2.0.15102-Privilege-Escalation.html"
},
{
"name": "20151209 ntop-ng <= 2.0.151021 - Privilege Escalation",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Dec/10"
},
{
"name": "38836",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38836/"
}
]
}
}

34
2015/8xxx/CVE-2015-8463.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8463", "ID": "CVE-2015-8463",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

190
2015/8xxx/CVE-2015-8723.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2015-8723", "ID": "CVE-2015-8723",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.wireshark.org/security/wnpa-sec-2015-42.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-42.html" "lang": "eng",
}, "value": "The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet."
{ }
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0", "description": [
"refsource" : "CONFIRM", {
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", ]
"refsource" : "CONFIRM", }
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" ]
}, },
{ "references": {
"name" : "DSA-3505", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3505" "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0",
}, "refsource": "CONFIRM",
{ "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=40b283181c63cb28bc6f58d80315eccca6650da0"
"name" : "GLSA-201604-05", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201604-05" "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11790"
"name" : "79382", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/79382" "name": "79382",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/79382"
"name" : "1034551", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1034551" "name": "DSA-3505",
} "refsource": "DEBIAN",
] "url": "http://www.debian.org/security/2016/dsa-3505"
} },
} {
"name": "GLSA-201604-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201604-05"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "1034551",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034551"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2015-42.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2015-42.html"
}
]
}
}

132
2015/9xxx/CVE-2015-9046.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2017-07-01T00:00:00", "DATE_PUBLIC": "2017-07-01T00:00:00",
"ID" : "CVE-2015-9046", "ID": "CVE-2015-9046",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "All Qualcomm products", "product_name": "All Qualcomm products",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Reachable Assertion Vulnerability in LTE"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-07-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-07-01" "lang": "eng",
}, "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list."
{ }
"name" : "99467", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/99467" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Reachable Assertion Vulnerability in LTE"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99467"
}
]
}
}

132
2015/9xxx/CVE-2015-9218.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-04-02T00:00:00", "DATE_PUBLIC": "2018-04-02T00:00:00",
"ID" : "CVE-2015-9218", "ID": "CVE-2015-9218",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile, Snapdragon Wear", "product_name": "Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016" "version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, when processing bad HEVC clips, the DPB fills, and with no error handling for DPB being full, a hang occurs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Reachable Assertion in Video."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2018-04-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2018-04-01" "lang": "eng",
}, "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, when processing bad HEVC clips, the DPB fills, and with no error handling for DPB being full, a hang occurs."
{ }
"name" : "103671", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/103671" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Reachable Assertion in Video."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "103671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103671"
}
]
}
}

240
2016/5xxx/CVE-2016-5178.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@google.com",
"ID" : "CVE-2016-5178", "ID": "CVE-2016-5178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=645028", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=645028" "lang": "eng",
}, "value": "Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors."
{ }
"name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=651092", ]
"refsource" : "CONFIRM", },
"url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=651092" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1380632", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1380632" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html", ]
"refsource" : "CONFIRM", }
"url" : "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html" ]
}, },
{ "references": {
"name" : "DSA-3683", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2016/dsa-3683" "name": "DSA-3683",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2016/dsa-3683"
"name" : "FEDORA-2016-a90040934d", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNUTOWCXLWVXOTGQUS53DSRVTO3J226Z/" "name": "93238",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/93238"
"name" : "FEDORA-2016-d61c4f72da", },
"refsource" : "FEDORA", {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FWZVE5PX27FWPLGOPDA7ZC5MILOWN6K/" "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=651092",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=651092"
"name" : "GLSA-201610-09", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201610-09" "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=645028",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=645028"
"name" : "RHSA-2016:2007", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2016-2007.html" "name": "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html",
}, "refsource": "CONFIRM",
{ "url": "https://chromereleases.googleblog.com/2016/09/stable-channel-update-for-desktop_29.html"
"name" : "openSUSE-SU-2016:2429", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-10/msg00000.html" "name": "openSUSE-SU-2016:2432",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00001.html"
"name" : "openSUSE-SU-2016:2432", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2016-10/msg00001.html" "name": "1036970",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1036970"
"name" : "93238", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/93238" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1380632",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380632"
"name" : "1036970", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036970" "name": "RHSA-2016:2007",
} "refsource": "REDHAT",
] "url": "http://rhn.redhat.com/errata/RHSA-2016-2007.html"
} },
} {
"name": "FEDORA-2016-a90040934d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNUTOWCXLWVXOTGQUS53DSRVTO3J226Z/"
},
{
"name": "openSUSE-SU-2016:2429",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00000.html"
},
{
"name": "GLSA-201610-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201610-09"
},
{
"name": "FEDORA-2016-d61c4f72da",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FWZVE5PX27FWPLGOPDA7ZC5MILOWN6K/"
}
]
}
}

130
2016/5xxx/CVE-2016-5231.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-5231", "ID": "CVE-2016-5231",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en" "lang": "eng",
}, "value": "Huawei Mate8 NXT-AL before NXT-AL10C00B182, NXT-CL before NXT-CL00C92B182, NXT-DL before NXT-DL00C17B182, and NXT-TL before NXT-TL00C01B182 allows attackers to bypass permission checks and delete user data via a crafted app."
{ }
"name" : "91556", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/91556" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91556"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20160520-01-smartphone-en"
}
]
}
}

170
2016/5xxx/CVE-2016-5427.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2016-5427", "ID": "CVE-2016-5427",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20160909 PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2016/09/09/3" "lang": "eng",
}, "value": "PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query."
{ }
"name" : "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/", ]
"refsource" : "CONFIRM", },
"url" : "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3", "description": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-3664", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2016/dsa-3664" ]
}, },
{ "references": {
"name" : "92917", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/92917" "name": "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/PowerDNS/pdns/commit/881b5b03a590198d03008e4200dd00cc537712f3"
"name" : "1036761", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1036761" "name": "1036761",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1036761"
} },
} {
"name": "DSA-3664",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3664"
},
{
"name": "92917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92917"
},
{
"name": "[oss-security] 20160909 PowerDNS Security Advisory 2016-01: Crafted queries can cause unexpected backend load",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/09/3"
},
{
"name": "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/",
"refsource": "CONFIRM",
"url": "https://doc.powerdns.com/md/security/powerdns-advisory-2016-01/"
}
]
}
}

130
2016/5xxx/CVE-2016-5599.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-5599", "ID": "CVE-2016-5599",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Oracle Advanced Supply Chain Planning component in Oracle Supply Chain Products Suite 12.2.3 through 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to MscObieeSrvlt."
{ }
"name" : "93619", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/93619" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93619"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
}
]
}
}

164
2018/2xxx/CVE-2018-2386.json
View File

@ -1,84 +1,84 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2386", "ID": "CVE-2018-2386",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP Internet Graphics Server", "product_name": "SAP Internet Graphics Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.20" "version_value": "7.20"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.20EXT" "version_value": "7.20EXT"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.45" "version_value": "7.45"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.49" "version_value": "7.49"
}, },
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "7.53" "version_value": "7.53"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP SE" "vendor_name": "SAP SE"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/" "lang": "eng",
}, "value": "Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53."
{ }
"name" : "https://launchpad.support.sap.com/#/notes/2525222", ]
"refsource" : "CONFIRM", },
"url" : "https://launchpad.support.sap.com/#/notes/2525222" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "Denial-of-Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.support.sap.com/#/notes/2525222",
"refsource": "CONFIRM",
"url": "https://launchpad.support.sap.com/#/notes/2525222"
},
{
"name": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/",
"refsource": "CONFIRM",
"url": "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
}
]
}
}

156
2018/2xxx/CVE-2018-2497.json
View File

@ -1,80 +1,80 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cna@sap.com", "ASSIGNER": "cna@sap.com",
"ID" : "CVE-2018-2497", "ID": "CVE-2018-2497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SAP HANA", "product_name": "SAP HANA",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "1.0" "version_value": "1.0"
}, },
{ {
"version_name" : "=", "version_name": "=",
"version_value" : "2.0" "version_value": "2.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "SAP" "vendor_name": "SAP"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE <table_name> AS SELECT."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Other"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://launchpad.support.sap.com/#/notes/2704878", "description_data": [
"refsource" : "MISC", {
"url" : "https://launchpad.support.sap.com/#/notes/2704878" "lang": "eng",
}, "value": "The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE <table_name> AS SELECT."
{ }
"name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", ]
"refsource" : "MISC", },
"url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "106152", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/106152" "lang": "eng",
} "value": "Other"
] }
}, ]
"source" : { }
"discovery" : "UNKNOWN" ]
} },
} "references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699"
},
{
"name": "106152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106152"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2704878",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2704878"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

34
2018/2xxx/CVE-2018-2545.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-2545", "ID": "CVE-2018-2545",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2018/2xxx/CVE-2018-2690.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2018-2690", "ID": "CVE-2018-2690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "VM VirtualBox", "product_name": "VM VirtualBox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "5.1.32" "version_value": "5.1.32"
}, },
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "5.2.6" "version_value": "5.2.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" "lang": "eng",
}, "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)."
{ }
"name" : "102694", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/102694" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1040202", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040202" "lang": "eng",
} "value": "Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "1040202",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040202"
},
{
"name": "102694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102694"
}
]
}
}

120
2018/6xxx/CVE-2018-6580.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6580", "ID": "CVE-2018-6580",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "43958", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/43958" "lang": "eng",
} "value": "Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43958",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43958"
}
]
}
}

120
2018/6xxx/CVE-2018-6823.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6823", "ID": "CVE-2018-6823",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md" "lang": "eng",
} "value": "In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md",
"refsource": "MISC",
"url": "https://github.com/VerSprite/research/blob/master/advisories/VS-2018-001.md"
}
]
}
}

34
2018/6xxx/CVE-2018-6848.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6848", "ID": "CVE-2018-6848",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

120
2018/6xxx/CVE-2018-6866.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-6866", "ID": "CVE-2018-6866",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "44170", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://exploit-db.com/exploits/44170" "lang": "eng",
} "value": "Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44170",
"refsource": "EXPLOIT-DB",
"url": "https://exploit-db.com/exploits/44170"
}
]
}
}

120
2018/7xxx/CVE-2018-7060.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security-alert@hpe.com", "ASSIGNER": "security-alert@hpe.com",
"ID" : "CVE-2018-7060", "ID": "CVE-2018-7060",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Aruba ClearPass", "product_name": "Aruba ClearPass",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1" "version_value": "6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Hewlett Packard Enterprise" "vendor_name": "Hewlett Packard Enterprise"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "authenticated sessions are vulnerable to cross site request forgery (CSRF)"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt" "lang": "eng",
} "value": "Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "authenticated sessions are vulnerable to cross site request forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt",
"refsource": "CONFIRM",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-003.txt"
}
]
}
}

34
2018/7xxx/CVE-2018-7974.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2018-7974", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2018-7974",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none."
} }
] ]
} }
} }

34
2019/0xxx/CVE-2019-0514.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-0514", "ID": "CVE-2019-0514",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1073.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1073", "ID": "CVE-2019-1073",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1192.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1192", "ID": "CVE-2019-1192",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1312.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1312", "ID": "CVE-2019-1312",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1463.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1463", "ID": "CVE-2019-1463",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/1xxx/CVE-2019-1932.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-1932", "ID": "CVE-2019-1932",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5074.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5074", "ID": "CVE-2019-5074",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5547.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5547", "ID": "CVE-2019-5547",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2019/5xxx/CVE-2019-5871.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5871", "ID": "CVE-2019-5871",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

150
2019/5xxx/CVE-2019-5882.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2019-5882", "ID": "CVE-2019-5882",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/irssi/irssi/pull/948", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/irssi/irssi/pull/948" "lang": "eng",
}, "value": "Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer."
{ }
"name" : "https://irssi.org/NEWS/#v1-1-2", ]
"refsource" : "MISC", },
"url" : "https://irssi.org/NEWS/#v1-1-2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://irssi.org/security/irssi_sa_2019_01.txt", "description": [
"refsource" : "MISC", {
"url" : "https://irssi.org/security/irssi_sa_2019_01.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-3862-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3862-1/" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://irssi.org/security/irssi_sa_2019_01.txt",
"refsource": "MISC",
"url": "https://irssi.org/security/irssi_sa_2019_01.txt"
},
{
"name": "https://irssi.org/NEWS/#v1-1-2",
"refsource": "MISC",
"url": "https://irssi.org/NEWS/#v1-1-2"
},
{
"name": "https://github.com/irssi/irssi/pull/948",
"refsource": "MISC",
"url": "https://github.com/irssi/irssi/pull/948"
},
{
"name": "USN-3862-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3862-1/"
}
]
}
}